890b43d41c458fe4cc2f3cc9cd3407979922dd7c5354e6a8f18f84cfd10cb04a_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

890b43d41c458fe4cc2f3cc9cd3407979922dd7c5354e6a8f18f84cfd10cb04a_NeikiAnalytics.exe
Size

317KB
MD5

06495a212f7fcd0387de5a024e5af140
SHA1

edbb5675e231cdfa8b926e967f75901e9b0e58b7
SHA256

890b43d41c458fe4cc2f3cc9cd3407979922dd7c5354e6a8f18f84cfd10cb04a
SHA512

de71dfff5d042a65ab6360e9c4d677736e700d29d69a69b397dbd1bf59fb945e779be1b68d80066616de6c65bb6d28e1ca177983fa77356f5a4a6378a9e8b264
SSDEEP

6144:q9aa6a666hnxtC+VjeVirzvayXrsA85qPRyzXgNdhV5HB506dX:maa6a666jwRyIAVyzQfdX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
890b43d41c458fe4cc2f3cc9cd3407979922dd7c5354e6a8f18f84cfd10cb04a_NeikiAnalytics.exe

Files

890b43d41c458fe4cc2f3cc9cd3407979922dd7c5354e6a8f18f84cfd10cb04a_NeikiAnalytics.exe
.dll windows:4 windows x64 arch:x64

da5c4313e70170061bd1851a6571c77e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

libvlccore

config_ChainParse
picture_CopyPixels
picture_CopyProperties
picture_Destroy
picture_NewFromFormat
var_AddCallback
var_Change
var_Create
var_DelCallback
var_Get
var_GetChecked
video_format_IsSameChroma
vlc_gettext
vlc_mutex_init
vlc_mutex_lock
vlc_mutex_unlock
vlc_object_Log

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

kernel32

AcquireSRWLockExclusive
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetStdHandle
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSRWLockExclusive
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetConsoleTextAttribute
SetEvent
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_aligned_free
_aligned_malloc
_aligned_realloc
_amsg_exit
_beginthreadex
_endthreadex
_errno
_exit
_gmtime64
_hypot
_initterm
_localtime64
_lock
_mktime64
_setjmp
_sopen
_ultoa
_unlock
_wassert
_wsopen
abort
acos
asin
atan
bsearch
calloc
clock
cosh
exit
fclose
fprintf
fputc
fputs
fread
free
frexp
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
printf
rand
realloc
setvbuf
signal
sinh
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strrchr
strspn
strstr
strtol
strtoul
tan
tanh
tolower
ungetc
vfprintf
wcscat
wcscpy
wcslen
longjmp
_write
_strdup
_open
_isatty
_fdopen
_close

Exports

Exports

vlc_entry
vlc_entry_api_version
vlc_entry_copyright
vlc_entry_license

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 173B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da5c4313e70170061bd1851a6571c77e

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

advapi32

bcrypt

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 221KB - Virtual size: 220KB

.data Size: 512B - Virtual size: 464B

.rdata Size: 66KB - Virtual size: 65KB

.pdata Size: 8KB - Virtual size: 8KB

.xdata Size: 8KB - Virtual size: 8KB

.bss Size: - Virtual size: 8KB

.edata Size: 512B - Virtual size: 173B

.idata Size: 6KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 2KB - Virtual size: 2KB

/4 Size: 512B - Virtual size: 32B

.text
Size: 221KB - Virtual size: 220KB

.data
Size: 512B - Virtual size: 464B

.rdata
Size: 66KB - Virtual size: 65KB

.pdata
Size: 8KB - Virtual size: 8KB

.xdata
Size: 8KB - Virtual size: 8KB

.bss
Size: - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 173B

.idata
Size: 6KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 2KB - Virtual size: 2KB

/4
Size: 512B - Virtual size: 32B