2b95b0199e2922d6c3034b4e97a7cd49783b93426b6c430cd6111e7fb411d7ca_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2b95b0199e2922d6c3034b4e97a7cd49783b93426b6c430cd6111e7fb411d7ca_NeikiAnalytics.exe
Size

230KB
MD5

a8522bdc3a4acbe5ea796f37b64e5d20
SHA1

5a772f8dfc5d3395fefc5fbeaf211b3cda91fe09
SHA256

2b95b0199e2922d6c3034b4e97a7cd49783b93426b6c430cd6111e7fb411d7ca
SHA512

4a8d76439e0f32a4fc9acd8849a6923953e5ab26de4c0db077ff91c7daf4e1a41746afbe8e1755afdfb23ab2232c8c41d850c0b79a52cff0abaa3d992bcff3bf
SSDEEP

3072:IgvGU/OCFUpgY/BVawnYd5Hf8/DCI3AvolA5iweAm2lkTLQaHK5DqhAvrTtWcrZK:IlU/zFOBowOHU/mCHK5DqOrBWcZK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b95b0199e2922d6c3034b4e97a7cd49783b93426b6c430cd6111e7fb411d7ca_NeikiAnalytics.exe

Files

2b95b0199e2922d6c3034b4e97a7cd49783b93426b6c430cd6111e7fb411d7ca_NeikiAnalytics.exe
.dll windows:4 windows x64 arch:x64

a1d6d2ae42b33dad1ef1ea039ef68e15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

avfilter-lav-10.pdb

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
abort
calloc
fputc
free
fwrite
localeconv
malloc
memcpy
memmove
memset
realloc
strchr
strcmp
strerror
strlen
strncmp
strspn
strtol
vfprintf
wcslen

avutil-lav-59

av_bprint_chars
av_bprint_init
av_bprint_init_for_buffer
av_bprintf
av_buffer_allocz
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_ref
av_buffer_unref
av_calloc
av_channel_layout_channel_from_index
av_channel_layout_check
av_channel_layout_compare
av_channel_layout_copy
av_channel_layout_describe
av_channel_layout_describe_bprint
av_channel_layout_from_mask
av_channel_layout_from_string
av_channel_layout_subset
av_channel_layout_uninit
av_color_range_name
av_color_space_name
av_cpu_max_align
av_csp_luma_coeffs_from_avcsp
av_d2q
av_default_item_name
av_dict_count
av_dict_free
av_dict_iterate
av_dict_set
av_dynarray_add_nofree
av_expr_count_vars
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fifo_alloc2
av_fifo_can_read
av_fifo_freep2
av_fifo_read
av_fifo_write
av_find_best_pix_fmt_of_2
av_frame_alloc
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_side_data
av_frame_is_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_ref
av_frame_remove_side_data
av_frame_unref
av_free
av_freep
av_gcd_q
av_get_bytes_per_sample
av_get_cpu_flags
av_get_media_type_string
av_get_packed_sample_fmt
av_get_pix_fmt
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_get_token
av_hwframe_get_buffer
av_image_check_size2
av_image_copy
av_image_fill_linesizes
av_image_fill_plane_sizes
av_log
av_log_once
av_malloc
av_malloc_array
av_mallocz
av_memdup
av_mul_q
av_opt_copy
av_opt_find2
av_opt_free
av_opt_get
av_opt_get_int
av_opt_get_key_value
av_opt_next
av_opt_set
av_opt_set_defaults
av_opt_set_dict2
av_opt_set_double
av_opt_set_int
av_parse_video_size
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_realloc_array
av_reduce
av_rescale
av_rescale_q
av_sample_fmt_is_planar
av_samples_copy
av_samples_get_buffer_size
av_samples_set_silence
av_set_options_string
av_strdup
av_strerror
av_strlcatf
av_strlcpy
av_strtod
av_ts_make_time_string2
avpriv_set_systematic_pal2
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free

swscale-lav-8

sws_alloc_context
sws_freeContext
sws_getCoefficients
sws_getColorspaceDetails
sws_get_class
sws_init_context
sws_isSupportedEndiannessConversion
sws_isSupportedInput
sws_isSupportedOutput
sws_scale_frame
sws_setColorspaceDetails

Exports

Exports

av_buffersink_get_ch_layout
av_buffersink_get_channels
av_buffersink_get_color_range
av_buffersink_get_colorspace
av_buffersink_get_format
av_buffersink_get_frame
av_buffersink_get_frame_flags
av_buffersink_get_frame_rate
av_buffersink_get_h
av_buffersink_get_hw_frames_ctx
av_buffersink_get_sample_aspect_ratio
av_buffersink_get_sample_rate
av_buffersink_get_samples
av_buffersink_get_time_base
av_buffersink_get_type
av_buffersink_get_w
av_buffersink_set_frame_size
av_buffersrc_add_frame
av_buffersrc_add_frame_flags
av_buffersrc_close
av_buffersrc_get_nb_failed_requests
av_buffersrc_parameters_alloc
av_buffersrc_parameters_set
av_buffersrc_write_frame
av_filter_ffversion
av_filter_iterate
avfilter_config_links
avfilter_configuration
avfilter_filter_pad_count
avfilter_free
avfilter_get_by_name
avfilter_get_class
avfilter_graph_alloc
avfilter_graph_alloc_filter
avfilter_graph_config
avfilter_graph_create_filter
avfilter_graph_dump
avfilter_graph_free
avfilter_graph_get_filter
avfilter_graph_parse
avfilter_graph_parse2
avfilter_graph_parse_ptr
avfilter_graph_queue_command
avfilter_graph_request_oldest
avfilter_graph_segment_apply
avfilter_graph_segment_apply_opts
avfilter_graph_segment_create_filters
avfilter_graph_segment_free
avfilter_graph_segment_init
avfilter_graph_segment_link
avfilter_graph_segment_parse
avfilter_graph_send_command
avfilter_graph_set_auto_convert
avfilter_init_dict
avfilter_init_str
avfilter_inout_alloc
avfilter_inout_free
avfilter_insert_filter
avfilter_license
avfilter_link
avfilter_link_free
avfilter_pad_get_name
avfilter_pad_get_type
avfilter_process_command
avfilter_version

Sections

.text
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.debug
Size: 76B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a1d6d2ae42b33dad1ef1ea039ef68e15

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

avutil-lav-59

swscale-lav-8

Exports

Exports

Sections

.text Size: 169KB - Virtual size: 169KB

.data Size: 512B - Virtual size: 160B

.rdata Size: 35KB - Virtual size: 35KB

.pdata Size: 5KB - Virtual size: 4KB

.xdata Size: 5KB - Virtual size: 4KB

.bss Size: - Virtual size: 2KB

.edata Size: 2KB - Virtual size: 2KB

.idata Size: 7KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 1KB - Virtual size: 1KB

.debug Size: 76B - Virtual size: 512B

.text
Size: 169KB - Virtual size: 169KB

.data
Size: 512B - Virtual size: 160B

.rdata
Size: 35KB - Virtual size: 35KB

.pdata
Size: 5KB - Virtual size: 4KB

.xdata
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 2KB - Virtual size: 2KB

.idata
Size: 7KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 1KB - Virtual size: 1KB

.debug
Size: 76B - Virtual size: 512B