93122406b71b3deb41a38efcfd0879bc9323a62c0327bec9726baf82fcb4b6f4_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

93122406b71b3deb41a38efcfd0879bc9323a62c0327bec9726baf82fcb4b6f4_NeikiAnalytics.exe
Size

38KB
MD5

b3aae856b7784230840acb9dae032990
SHA1

6289baaae76b9a40385fc7a1625986bea2ab1415
SHA256

93122406b71b3deb41a38efcfd0879bc9323a62c0327bec9726baf82fcb4b6f4
SHA512

f6c7bcb6e8fffc2a5a145cb7d5a27b53e378162241ea1aa54dba96cab1f7a819c49068d704d4e320e14cc0050bdc450094718985fbebf7f0993a030c7fbf3d55
SSDEEP

192:Yl6M+nEcDqWpoCpJeLWBqb2EtIEYXtuIb413yKh8n7ynyDR:yW7roIEquwg0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93122406b71b3deb41a38efcfd0879bc9323a62c0327bec9726baf82fcb4b6f4_NeikiAnalytics.exe

Files

93122406b71b3deb41a38efcfd0879bc9323a62c0327bec9726baf82fcb4b6f4_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

bb36947e6e2c1ac23daccfbbf536f440

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\ci\ws\build\rmw_dds_common\rosidl_generator_py\rmw_dds_common\RelWithDebInfo\rmw_dds_common_s__rosidl_typesupport_fastrtps_c.pdb

Imports

python38

PyModule_AddObject
PyCapsule_New
PyModule_Create2
_Py_Dealloc

rmw_dds_common__rosidl_generator_py

rmw_dds_common__msg__participant_entities_info__convert_to_py
rmw_dds_common__msg__participant_entities_info__convert_from_py
rmw_dds_common__msg__node_entities_info__convert_to_py
rmw_dds_common__msg__node_entities_info__convert_from_py
rmw_dds_common__msg__gid__convert_to_py
rmw_dds_common__msg__gid__convert_from_py

rmw_dds_common__rosidl_typesupport_c

rosidl_typesupport_c__get_message_type_support_handle__rmw_dds_common__msg__ParticipantEntitiesInfo
rosidl_typesupport_c__get_message_type_support_handle__rmw_dds_common__msg__NodeEntitiesInfo
rosidl_typesupport_c__get_message_type_support_handle__rmw_dds_common__msg__Gid

rmw_dds_common__rosidl_generator_c

rmw_dds_common__msg__NodeEntitiesInfo__create
rmw_dds_common__msg__NodeEntitiesInfo__destroy
rmw_dds_common__msg__ParticipantEntitiesInfo__create
rmw_dds_common__msg__ParticipantEntitiesInfo__destroy
rmw_dds_common__msg__Gid__create
rmw_dds_common__msg__Gid__destroy

vcruntime140

__current_exception_context
__current_exception
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_initialize_onexit_table
_register_onexit_function
terminate
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment

kernel32

GetCurrentProcessId
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter

Exports

Exports

PyInit_rmw_dds_common_s__rosidl_typesupport_fastrtps_c

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 697B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 337B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb36947e6e2c1ac23daccfbbf536f440

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

python38

rmw_dds_common__rosidl_generator_py

rmw_dds_common__rosidl_typesupport_c

rmw_dds_common__rosidl_generator_c

vcruntime140

api-ms-win-crt-runtime-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 697B

.pdata Size: 1024B - Virtual size: 888B

.idata Size: 5KB - Virtual size: 4KB

.00cfg Size: 512B - Virtual size: 337B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 334B

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 697B

.pdata
Size: 1024B - Virtual size: 888B

.idata
Size: 5KB - Virtual size: 4KB

.00cfg
Size: 512B - Virtual size: 337B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 334B