783177614ff760a2f4f3a7cc2329637b5593a951e8aacbb9f7d9dc3001befa20_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

783177614ff760a2f4f3a7cc2329637b5593a951e8aacbb9f7d9dc3001befa20_NeikiAnalytics.exe
Size

313KB
MD5

dee17e5ccb1a6b35281def9207302b80
SHA1

f0f178ed6e730fec9347e991e36f23ef8158a752
SHA256

783177614ff760a2f4f3a7cc2329637b5593a951e8aacbb9f7d9dc3001befa20
SHA512

7b3e470f0391460e873540b45d1b280be74ba2296ac52d61044a021addde6d29952f6f84a3443aeff5d567b7a9387e31e3a8a5b2fc60e1d94c99044a901ac99e
SSDEEP

3072:8fi1toLVLffdZ5pPdUdTjKvB+eU2RkcJ+BVR5cxcl8ouuguIJUO7VRZg:Zu5pmluNtRJJwR5c8N27VR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
783177614ff760a2f4f3a7cc2329637b5593a951e8aacbb9f7d9dc3001befa20_NeikiAnalytics.exe

Files

783177614ff760a2f4f3a7cc2329637b5593a951e8aacbb9f7d9dc3001befa20_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

5a73f22b2c6c7a1295805a686d3be265

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\nikita1.s\Perforce\apl\tests\gles_cts\1.0\cmake_test\Debug\covgl.pdb

Imports

kernel32

GetModuleHandleW
GetModuleFileNameW
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
DecodePointer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryW
lstrlenA
LoadLibraryExW
GetProcAddress
GetLastError
RaiseException
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetModuleHandleA
Sleep

libglesv2

glTranslatex
glDrawArrays
glDrawElements
glLightModelxv
glMultiTexCoord4x
glLoadIdentity
glLoadMatrixx
glTexParameterxv
glTexParameteriv
glTexParameteri
glTexEnviv
glTexEnvi
glScalex
glRotatex
glReadPixels
glPointSizePointerOES
glLightx
glPushMatrix
glPopMatrix
glPointParameterxv
glPointParameterx
glOrthox
glIsTexture
glIsEnabled
glIsBuffer
glGetTexParameterxv
glGetTexParameteriv
glGetTexEnvxv
glGetTexEnviv
glGetString
glGetPointerv
glGetMaterialxv
glGetLightxv
glGetFixedv
glGenTextures
glGetClipPlanex
glGetBufferParameteriv
glGetBooleanv
glFrustumx
glFlush
glFinish
glEnableClientState
glTexImage2D
glCopyTexSubImage2D
glCopyTexImage2D
glCompressedTexSubImage2D
glCompressedTexImage2D
glColor4ub
glClipPlanex
glClear
glGenBuffers
glDeleteTextures
glDeleteBuffers
glBufferSubData
glBufferData
glBindBuffer
glViewport
glVertexPointer
glTexParameterx
glTexEnvxv
glTexEnvx
glTexCoordPointer
glStencilOp
glStencilMask
glStencilFunc
glShadeModel
glScissor
glSampleCoveragex
glPolygonOffsetx
glPointSizex
glNormalPointer
glLightModelx
glHint
glGetIntegerv
glGetError
glFrontFace
glFogxv
glFogx
glEnable
glDisableClientState
glDisable
glDepthRangex
glDepthMask
glDepthFunc
glCullFace
glColorPointer
glColorMask
glColor4x
glClientActiveTexture
glClearStencil
glClearDepthx
glClearColorx
glBlendFunc
glBindTexture
glAlphaFuncx
glNormal3x
glMatrixMode
glMaterialxv
glMaterialx
glLogicOp
glLineWidthx
glLightxv
glTexSubImage2D
glActiveTexture
glMultMatrixx

libegl

eglSwapBuffers
eglMakeCurrent
eglCreateContext
eglDestroySurface
eglCreateWindowSurface
eglGetConfigAttrib
eglChooseConfig
eglGetConfigs
eglTerminate
eglInitialize
eglGetDisplay
eglDestroyContext

msvcr110d

_cexit
fclose
fflush
fopen
fprintf
printf
vsprintf
strcpy
_wsplitpath_s
_wmakepath_s
wcscpy_s
_except_handler4_common
_controlfp_s
_invoke_watson
_onexit
__dllonexit
_calloc_dbg
_unlock
_lock
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
_commode
_fmode
__initenv
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
__iob_func
_exit
_CrtSetCheckCount
_CrtDbgReportW
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_CRT_RTC_INITW
strstr
exit
memmove
isdigit
strlen
sprintf
_wassert
malloc
free
strcmp

user32

RegisterClassA
CreateWindowExA
DestroyWindow
AdjustWindowRect
LoadCursorA
LoadIconA
DefWindowProcA

gdi32

GetStockObject

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a73f22b2c6c7a1295805a686d3be265

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

libglesv2

libegl

msvcr110d

user32

gdi32

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 210KB - Virtual size: 210KB

.data Size: 6KB - Virtual size: 7KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 210KB - Virtual size: 210KB

.data
Size: 6KB - Virtual size: 7KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 6KB - Virtual size: 6KB