8a4c0feb81ffe408c34822d3a5f992e34e848084383ec60935e475338d04d8d7_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8a4c0feb81ffe408c34822d3a5f992e34e848084383ec60935e475338d04d8d7_NeikiAnalytics.exe
Size

137KB
MD5

c585e63b67ab3c175356060e1ad4af70
SHA1

caabe1fe04d0fd343d52d5fdd44706dfacd1e4f0
SHA256

8a4c0feb81ffe408c34822d3a5f992e34e848084383ec60935e475338d04d8d7
SHA512

59572e476d3bc47b58cb7ca737a23bc51c8528692c2188adccc9c2e53c8b98e94766cdcd23df24ac42529a0b94c00443aaa2dbf0f648bd53c36a8f61957e8dc9
SSDEEP

3072:B33m42ZvSVfDmyLIoRtMCaO63CIdtmBeBBl/uOj+Bj4gtnwua91uYIJ9:B33J2ZqVfDmyUoRtMCaO63CcEeB72q+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a4c0feb81ffe408c34822d3a5f992e34e848084383ec60935e475338d04d8d7_NeikiAnalytics.exe

Files

8a4c0feb81ffe408c34822d3a5f992e34e848084383ec60935e475338d04d8d7_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

c6925dbbe240590ea30f225f83b53257

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

geos_c-b507b9da64dd81c9a36b0d02fb5c517e

GEOSWKBReader_destroy_r
GEOSWKTWriter_write_r
GEOSWKBWriter_destroy_r
GEOSEqualsExact_r
GEOSWKBWriter_create_r
GEOSWKTWriter_destroy_r
GEOSFree_r
GEOSWKTWriter_create_r
GEOSWKBReader_create_r
GEOSWKTWriter_setTrim_r
GEOSWKBReader_read_r
GEOSWKBWriter_write_r
GEOSWKTWriter_setOld3D_r
GEOSWKTWriter_setOutputDimension_r
GEOSPreparedGeom_destroy_r
GEOSWKBWriter_setOutputDimension_r
GEOSWKBWriter_setIncludeSRID_r
GEOSWKTWriter_setRoundingPrecision_r
GEOSPreparedContainsProperly_r
GEOSSTRtree_create_r
GEOSPreparedOverlaps_r
GEOSPreparedDistanceWithin_r
GEOSDistance_r
GEOSSTRtree_insert_r
GEOSPrepare_r
GEOSPreparedCovers_r
GEOSSTRtree_query_r
GEOSPreparedWithin_r
GEOSPreparedCoveredBy_r
GEOSSTRtree_destroy_r
GEOSEquals_r
GEOSPreparedContains_r
GEOSPreparedCrosses_r
GEOSPreparedIntersects_r
GEOSSTRtree_nearest_generic_r
GEOSPreparedTouches_r
GEOSGeomGetX_r
GEOSBuildArea_r
GEOSCovers_r
GEOSGeoJSONReader_destroy_r
GEOSUnion_r
GEOSDelaunayTriangulation_r
GEOSPolygonize_r
GEOSRelate_r
GEOSDifference_r
GEOSGeoJSONReader_readGeometry_r
GEOSGeoJSONWriter_create_r
GEOSGeomGetY_r
GEOSFrechetDistanceDensify_r
GEOSBufferParams_destroy_r
GEOSWKBWriter_setFlavor_r
GEOSisRing_r
GEOSCrosses_r
GEOSGeom_createEmptyCollection_r
GEOSUnionPrec_r
GEOSReverse_r
GEOSBufferParams_setQuadrantSegments_r
GEOSisClosed_r
GEOSGeomGetNumPoints_r
GEOSGeoJSONWriter_writeGeometry_r
GEOSGeom_getDimensions_r
GEOSIntersectionPrec_r
GEOSBufferParams_setJoinStyle_r
GEOSCoordSeq_isCCW_r
GEOSSymDifferencePrec_r
GEOSLineMerge_r
GEOSDisjoint_r
GEOSSetSRID_r
GEOSWKBWriter_setByteOrder_r
GEOSBufferWithParams_r
GEOSHasZ_r
GEOSHausdorffDistanceDensify_r
GEOSisSimple_r
GEOSEnvelope_r
GEOSMinimumBoundingCircle_r
GEOSGeoJSONWriter_destroy_r
GEOSGeom_createEmptyPolygon_r
GEOSRelatePattern_r
GEOSWKBWriter_writeHEX_r
GEOSTopologyPreserveSimplify_r
GEOSisValidReason_r
GEOSisValid_r
GEOSPointOnSurface_r
GEOSClipByRect_r
GEOSSymDifference_r
GEOSGeomGetZ_r
GEOSFrechetDistance_r
GEOSNearestPoints_r
GEOSGeom_extractUniquePoints_r
GEOSCoverageUnion_r
GEOSMinimumRotatedRectangle_r
GEOSHausdorffDistance_r
GEOSGeom_getExtent_r
GEOSContains_r
GEOSLineMergeDirected_r
GEOSSnap_r
GEOSCoveredBy_r
GEOSWKBReader_readHEX_r
GEOSGeom_getPrecision_r
GEOSMakeValid_r
GEOSBufferParams_create_r
GEOSVoronoiDiagram_r
GEOSUnaryUnionPrec_r
GEOSInterpolate_r
GEOSNormalize_r
GEOSMinimumClearance_r
GEOSTouches_r
GEOSBufferParams_setEndCapStyle_r
GEOSConvexHull_r
GEOSIntersects_r
GEOSLength_r
GEOSPolygonize_full_r
GEOSPreparedDisjoint_r
GEOSOverlaps_r
GEOSProject_r
GEOSSimplify_r
GEOSDifferencePrec_r
GEOSOffsetCurve_r
GEOSGeom_setPrecision_r
GEOSGetCentroid_r
GEOSGeomGetPointN_r
GEOSBufferParams_setMitreLimit_r
GEOSSharedPaths_r
GEOSBufferParams_setSingleSided_r
GEOSDistanceWithin_r
GEOSPreparedNearestPoints_r
GEOSBoundary_r
GEOSInterpolateNormalized_r
GEOSIntersection_r
GEOSConcaveHull_r
GEOSArea_r
GEOSNode_r
GEOSDensify_r
GEOSGeoJSONReader_create_r
GEOSWithin_r
GEOSRemoveRepeatedPoints_r
GEOSCoordSeq_getOrdinate_r
GEOSGeom_getCoordinateDimension_r
GEOSWKTReader_create_r
GEOSCoordSeq_copyFromArrays_r
GEOSCoordSeq_setOrdinate_r
GEOSWKTReader_read_r
GEOSGeom_getYMin_r
GEOSGeom_getXMax_r
GEOSGeom_getXMin_r
GEOSCoordSeq_copyToBuffer_r
GEOSWKTReader_destroy_r
GEOSGeom_getYMax_r
GEOSGetSRID_r
GEOSCoordSeq_copyFromBuffer_r
GEOSGeom_createPoint_r
GEOSGeom_createPointFromXY_r
GEOSGeom_createEmptyPoint_r
GEOSCoordSeq_setX_r
GEOSGetNumGeometries_r
GEOSCoordSeq_setZ_r
GEOSCoordSeq_getDimensions_r
GEOS_finish_r
GEOSGeom_clone_r
GEOSGetNumCoordinates_r
GEOSGetExteriorRing_r
GEOSGeom_createLinearRing_r
GEOSGetInteriorRingN_r
GEOS_init_r
GEOSGeom_createCollection_r
GEOSContext_setErrorMessageHandler_r
GEOSisEmpty_r
GEOSGeom_createPolygon_r
GEOSCoordSeq_destroy_r
GEOSCoordSeq_create_r
GEOSGeom_getCoordSeq_r
GEOSGeom_createLineString_r
GEOSCoordSeq_setY_r
GEOSGetNumInteriorRings_r
GEOSGeom_destroy_r
GEOSGetGeometryN_r
GEOSCoordSeq_getSize_r
GEOSUnaryUnion_r
GEOSGeomTypeId_r

python311

_Py_NotImplementedStruct
_Py_TrueStruct
PyUnicode_Substring
PyEval_SaveThread
PyEval_RestoreThread
PyBytes_FromStringAndSize
PyDict_SetItemString
PyUnicode_AsUTF8
PyErr_CheckSignals
PyExc_NotImplementedError
PyThread_get_thread_ident
PyUnicode_FromStringAndSize
PyUnicode_AsUTF8AndSize
PyType_Ready
PyList_New
PyUnicode_FromFormat
PyObject_ClearWeakRefs
_Py_FalseStruct
PyExc_UserWarning
PyBytes_AsString
PyBaseObject_Type
PyExc_ModuleNotFoundError
PyUnicode_FromString
PyErr_Print
PyExc_ImportError
PyTuple_Pack
PyCapsule_Type
PyCapsule_New
PyErr_Clear
PyObject_GetAttrString
PyModule_Create2
PyCapsule_GetPointer
PyErr_ExceptionMatches
PyModule_GetDict
PyExc_AttributeError
PyLong_FromLong
PyImport_ImportModule
PyErr_NewException
PyModule_AddObject
PyExc_TypeError
_PyArg_ParseTuple_SizeT
_Py_Dealloc
PyType_IsSubtype
PyErr_Format
PyExc_ValueError
PyErr_WarnFormat
PyErr_SetString
PyTuple_New
_Py_NoneStruct
PyExc_MemoryError
PyExc_RuntimeError
PyLong_FromSsize_t
PyExc_Warning
PyErr_WarnEx
PyBytes_Size

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initterm
_initialize_onexit_table
_execute_onexit_table
_cexit
_initialize_narrow_environment

Exports

Exports

PyInit_lib

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6925dbbe240590ea30f225f83b53257

Headers

DLL Characteristics

File Characteristics

Imports

geos_c-b507b9da64dd81c9a36b0d02fb5c517e

python311

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 99KB - Virtual size: 98KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 3KB - Virtual size: 4KB

.pdata Size: 6KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 488B

.text
Size: 99KB - Virtual size: 98KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 488B