3188e855486d0f505c901cef01ea2030e3daabc6659832edca7bde3ef1c4f274_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3188e855486d0f505c901cef01ea2030e3daabc6659832edca7bde3ef1c4f274_NeikiAnalytics.exe
Size

108KB
MD5

39c20124bec0b978f8687256a2a445c0
SHA1

1ab771a315fc131aeaa4c559009fa446b5ae5345
SHA256

3188e855486d0f505c901cef01ea2030e3daabc6659832edca7bde3ef1c4f274
SHA512

52c2813b10707f18a10e129c2f805a0a95f0e70a469c1d8d0ec77f1c86c887322609263355765b2172dbcf2d23aee40f9c310cf1753c27628ad6b85f03625592
SSDEEP

3072:Pxa+ZdA1HuJ/gHz8kouK0VR/iVWaM9WIUycthN:vZdKQIHBVR/G49LvcX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3188e855486d0f505c901cef01ea2030e3daabc6659832edca7bde3ef1c4f274_NeikiAnalytics.exe

Files

3188e855486d0f505c901cef01ea2030e3daabc6659832edca7bde3ef1c4f274_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

139eb2ea40b3e37b394f7dcbc804279d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lmc1

?IsSleepTimeCloseLaser@CLmcDev@@QAEXXZ
?ReadPort@CLmcDev@@QAEHAAG@Z
?CheckLaserState@CLmcDev@@QAEHH@Z
?listDelayTime@CLmcDev@@QAEHH@Z
?MarkEntArray@CLmcDev@@QAEHPAVCEntity@@HNNPAVCMatrix2d@@@Z
?listJumpTo@CLmcDev@@QAEHNNH@Z
?WaitForMarkFinish@CLmcDev@@QAEHXZ
?gf_StartMarkDlg@@YAHVCString@@0@Z
?gf_GetLmcDev@@YAPAVCLmcDev@@XZ
?ExecMarkCmdFile@CLmcDev@@QAEHH@Z
?WritePort@CLmcDev@@QAEHG@Z
?InitLmc@CLmcDev@@QAEHHH@Z

datamgr

??1CQIniFile@@UAE@XZ
?ImportFile@CEntVectorFile@@QAEHVCString@@@Z
?GetFileName@CEntBitmap@@QBE?AVCString@@XZ
?LoadImageFile@CEntBitmap@@QAEHVCString@@ABVPt2d@@@Z
?SetWndDC@CDrawDC@@QAEXPAVCDC@@@Z
?DPtoLP@CDrawDC@@QBEXABVCPoint@@AAVPt2d@@@Z
?Draw_Line@CDrawDC@@QBEXPAVCDC@@ABVPt2d@@1PAVCMatrix2d@@H@Z
?SetScale@CDrawDC@@QAEHN@Z
?SetLogWndCenter@CDrawDC@@QAEXVPt2d@@@Z
??0CDrawDC@@QAE@XZ
??1CDrawDC@@QAE@XZ
?DevLenToLogLen@CDrawDC@@QBENH@Z
?GetLogWndCenter@CDrawDC@@QBE?AVPt2d@@XZ
?Invalidate@CDrawDC@@QAEXXZ
?DetachNavWindow@CCommand@@UAEHXZ
?AttachNavWindow@CCommand@@UAEHPAVCWnd@@@Z
?HideNavWindow@CCommand@@UAEXXZ
?ShowNavWindow@CCommand@@UAEXXZ
?Draw@CCommand@@UAEHPAVCDrawDC@@H@Z
?OnGetCtrlMessageString@CCommand@@UAEHGAAVCString@@0@Z
?OnUpdateCtrlMessage@CCommand@@UAEHGPAVCCmdUI@@@Z
?OnCtrlMessage@CCommand@@UAEHGPAX@Z
?OnMessage@CCommand@@UAEHHIJ@Z
?OnKeyUp@CCommand@@UAEHIII@Z
?OnKeyDown@CCommand@@UAEHIII@Z
?OnChar@CCommand@@UAEHIII@Z
?OnMouseWheel@CCommand@@UAEHIFVCPoint@@@Z
?OnMButtonUp@CCommand@@UAEHIVCPoint@@@Z
?OnMButtonDown@CCommand@@UAEHIVCPoint@@@Z
?OnMouseMove@CCommand@@UAEHIVCPoint@@@Z
?OnRButtonDblClk@CCommand@@UAEHIVCPoint@@@Z
?OnRButtonUp@CCommand@@UAEHIVCPoint@@@Z
?OnRButtonDown@CCommand@@UAEHIVCPoint@@@Z
?OnLButtonDblClk@CCommand@@UAEHIVCPoint@@@Z
?OnLButtonUp@CCommand@@UAEHIVCPoint@@@Z
?OnLButtonDown@CCommand@@UAEHIVCPoint@@@Z
?Continue@CCommand@@UAEXXZ
?BreakByOther@CCommand@@UAEXXZ
?StopByOther@CCommand@@UAEXXZ
?StopBySelf@CCommand@@UAEXXZ
??0CCommand@@QAE@VCString@@PAVCCmdMgr@@@Z
??_7CCommand@@6B@
?gf_Str@@YA?AVCString@@V1@0@Z
?gf_SetMarkWnd@@YAXPAVCWnd@@@Z
?gf_GetMarkWnd@@YAPAVCWnd@@XZ
?gf_GetCmdMgr@@YAPAVCCmdMgr@@XZ
?gf_GetSoftFunCode@@YAHXZ
?ShowTip@CCommand@@QAEXVCString@@@Z
?gf_GetDataMgr@@YAPAVCDataMgr@@XZ
?gf_GetFloatStr@@YA?AVCString@@NH@Z
?ATOF@@YANVCString@@@Z
??0CMakeClock@@QAE@H@Z
?GetUseTime@CMakeClock@@QAEXAAH000@Z
?gf_GetUnitStr@@YA?AVCString@@XZ
?GetValue@CQIniFile@@QAE?AVCString@@V2@0@Z
?ReadFile@CQIniFile@@QAEHXZ
?SetPath@CQIniFile@@QAEXVCString@@@Z
??0CQIniFile@@QAE@XZ
?gf_GetPlugPath@@YA?AVCString@@XZ
?WriteFile@CQIniFile@@QAEXXZ
?SetValue@CQIniFile@@QAEHVCString@@00H@Z
?Destory@CUndoMgr@@QAEXXZ
?gf_GetUndoMgr@@YAPAVCUndoMgr@@XZ
?gf_GetActiveWnd@@YAPAVCWnd@@XZ
?EndPick@CDataMgr@@QAEXXZ
?BeginPick@CDataMgr@@QAEXXZ
?gf_SetMarkMutex@@YAXPAX@Z
?gf_GetMarkMutex@@YAPAXXZ
?GetChildCnt@CEntity@@QAEHXZ
?gf_GetCfg@@YAPAVCEzcadCfg@@XZ
?UpdataBoundBox@CDataMgr@@QAEHH@Z
?Start@CMakeClock@@QAEXXZ
?ReHatchFill@CEntHatchGroup@@QAEXXZ
?GetTotalTime@CMakeClock@@QAEJXZ
?GetFileName@CEntVectorFile@@QBE?AVCString@@XZ

mathlib

?SetBox@Box2d@@QAEXVPt2d@@0@Z
?AddPoint@Box2d@@QAEXABVPt2d@@@Z
?Width@Box2d@@QBENXZ
?Height@Box2d@@QBENXZ
?Adjust@Box2d@@QAEXXZ
?Move@CMatrix2d@@QAE?AV1@ABN0@Z
??D@YA?AVCMatrix2d@@ABV0@0@Z
?Rotate@CMatrix2d@@QAE?AV1@ABN00@Z
?GetCenterPt@Box2d@@QBE?AVPt2d@@XZ
??D@YA?AVPt2d@@ABV0@ABVCMatrix2d@@@Z
??0Box2d@@QAE@XZ
??0Box2d@@QAE@ABV0@@Z
??4Box2d@@QAEXABV0@@Z
??1CMatrix2d@@QAE@XZ
?Identity@CMatrix2d@@QAEXXZ
??0Pt2d@@QAE@XZ
?IsEmpty@Box2d@@QBEHXZ

mfc42u

ord1807
ord3566
ord2966
ord5755
ord6188
ord5752
ord6182
ord4324
ord6185
ord6168
ord5869
ord5785
ord5790
ord5674
ord5732
ord5575
ord5567
ord6057
ord5860
ord640
ord2746
ord5781
ord1634
ord6017
ord1633
ord323
ord825
ord3621
ord3658
ord2397
ord2406
ord800
ord535
ord538
ord823
ord6466
ord269
ord5261
ord4992
ord2506
ord6048
ord4073
ord1767
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord5276
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4621
ord4419
ord3592
ord324
ord641
ord4229
ord1143
ord1165
ord2810
ord6195
ord3087
ord4704
ord3871
ord2567
ord6051
ord1768
ord4390
ord5286
ord3397
ord4418
ord3569
ord609
ord567
ord2294
ord4370
ord6211
ord2078
ord4847
ord1764
ord6362
ord2405
ord2016
ord4214
ord2573
ord4395
ord3634
ord692
ord2350
ord6330
ord1197
ord772
ord500
ord2293
ord2634
ord925
ord6451
ord6138
ord922
ord858
ord927
ord5856
ord537
ord2371
ord4219
ord942
ord5602
ord4269
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2388
ord3341
ord5296
ord5298
ord2717
ord4074
ord4692
ord5303
ord5285
ord5710
ord3948
ord4616
ord3733
ord561
ord815
ord861
ord3737
ord818
ord4270
ord755
ord472
ord5871
ord470
ord2859
ord826
ord600
ord1571
ord1250
ord1248
ord1563
ord1194
ord1240
ord342
ord1179
ord1570
ord1568
ord1173
ord540
ord1115

msvcrt

??1type_info@@UAE@XZ
_adjust_fdiv
malloc
_initterm
__CxxFrameHandler
_wtoi
wcscmp
wcscpy
__dllonexit
_onexit
free

kernel32

Sleep
LocalAlloc
LocalFree
CreateMutexW
ReleaseMutex
WaitForSingleObject

user32

SetTimer
KillTimer
InvalidateRect
GetKeyState
GetClientRect
InflateRect
SetCapture
ReleaseCapture
LoadIconW
SendMessageW
GrayStringW
DrawTextW
TabbedTextOutW
IsRectEmpty
CopyRect
EnableWindow

gdi32

CreateCompatibleBitmap
GetMapMode
CreateCompatibleDC
SelectObject
BitBlt
PtVisible
RectVisible
Escape
ExtTextOutW
TextOutW

Exports

Exports

EzCad2PlugMain

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

139eb2ea40b3e37b394f7dcbc804279d

Headers

File Characteristics

Imports

lmc1

datamgr

mathlib

mfc42u

msvcrt

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 16KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 16KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 5KB