aa49cca8300a0184ea01b525ba2f0ba41860ebb24b6127546969b06eee8626e2_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

aa49cca8300a0184ea01b525ba2f0ba41860ebb24b6127546969b06eee8626e2_NeikiAnalytics.exe
Size

89KB
MD5

3e50070b39ff121afa2cd5e895cae4f0
SHA1

7ad507c5a2f3e75233c542e1d2967628c72c7b28
SHA256

aa49cca8300a0184ea01b525ba2f0ba41860ebb24b6127546969b06eee8626e2
SHA512

43f46464b49f0a310f46ec2fe1b4c5c61b5d8b0da888ab2cff27726a003d13a0f1e483a35da3ad3f44ba1d6f5edf5a31b8db19e07680592277e61e9e8b697265
SSDEEP

1536:NxzK0JLwVKx0QscEEiPuhv82P6qufYqqSgYB4fWkjiLuvNgdI78Paq:XK1IIZPuv82yYqqS1Ae5dJT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa49cca8300a0184ea01b525ba2f0ba41860ebb24b6127546969b06eee8626e2_NeikiAnalytics.exe

Files

aa49cca8300a0184ea01b525ba2f0ba41860ebb24b6127546969b06eee8626e2_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

3464c190b88d6a81d51ed18af02dc62b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

ShaderCompileWorker-WorkspaceMenuStructure.pdb

Imports

shadercompileworker-core

?ThreadStackWalkAndDump@FWindowsPlatformStackWalk@@SAXPEAD_KHI@Z
?GetDestructionSentinelStackTls@FMRSWRecursiveAccessDetector@@CAAEAV?$TArray@PEAUFDestructionSentinel@FMRSWRecursiveAccessDetector@@V?$TSizedInlineAllocator@$03$0CA@V?$TSizedDefaultAllocator@$0CA@@@@@@@XZ
?GetReadersTls@FMRSWRecursiveAccessDetector@@CAAEAV?$TArray@UFReaderNum@FMRSWRecursiveAccessDetector@@V?$TSizedInlineAllocator@$03$0CA@V?$TSizedDefaultAllocator@$0CA@@@@@@@XZ
?GetBlocks@FNameDebugVisualizer@@SAPEAPEAEXZ
??4FText@@QEAAAEAV0@$$QEAV0@@Z
?CompareTo@FText@@QEBAHAEBV1@W4Type@ETextComparisonLevel@@@Z
?ForUseOnlyByLocMacroAndGraphNodeTextLiterals_CreateText@FInternationalization@@SA?AVFText@@PEB_W00@Z
??0FName@@QEAA@PEBDW4EFindName@@@Z
?FromValidEName@FNameEntryId@@CA?AU1@W4EName@@@Z
??0FString@@QEAA@PEB_W@Z
?GCoreObjectArrayForDebugVisualizers@@3PEAVFChunkedFixedUObjectArray@@EA
?ResizeAllocation@ForAnyElementType@?$TSizedHeapAllocator@$0CA@UFMemory@@@@QEAAXHH_KI@Z
?ResizeAllocation@ForAnyElementType@?$TSizedHeapAllocator@$0CA@UFMemory@@@@QEAAXHH_K@Z
?OnInvalidArrayNum@Private@Core@UE@@YAX_K@Z
?StackWalkAndDump@FWindowsPlatformStackWalk@@SAXPEAD_KHPEAX@Z
?QuantizeSize@FMemory@@SA_K_KI@Z
?Free@FMemory@@SAXPEAX@Z
?Realloc@FMemory@@SAPEAXPEAX_KI@Z
?Malloc@FMemory@@SAPEAX_KI@Z
?EnsureFailed@Private@Assert@UE@@YA_NAEAU?$atomic@_N@std@@PEBUFStaticEnsureRecord@123@ZZ
?CheckVerifyFailedImpl2@FDebug@@SA_NPEBD0HPEB_WZZ
?IsEnsureAllowed@FGenericPlatformMisc@@SA_NXZ
?GCoreObjectHandlePackageDebug@@3PEAUFObjectHandlePackageDebugData@Private@CoreUObject@UE@@EA
?GCoreComplexObjectPathDebug@@3PEAUFStoredObjectPathDebug@Private@CoreUObject@UE@@EA
??0FText@@QEAA@XZ

shadercompileworker-slatecore

?Get@FAppStyle@@SAAEBVISlateStyle@@XZ
?GetAppStyleSetName@FAppStyle@@SA?BVFName@@XZ
??0FSlateIcon@@QEAA@VFName@@000@Z
??0FSlateIcon@@QEAA@XZ

kernel32

RtlCaptureContext
GetStartupInfoW
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleHandleW
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentThreadId
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
IsDebuggerPresent

vcruntime140

memset
__C_specific_handler
__std_type_info_destroy_list
__current_exception
_purecall
memmove
__current_exception_context
memcpy

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-math-l1-1-0

logf

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_crt_atexit
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_crt_at_quick_exit
_cexit
terminate
_initialize_narrow_environment

Exports

Exports

InitializeModule

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uedbg
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3464c190b88d6a81d51ed18af02dc62b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shadercompileworker-core

shadercompileworker-slatecore

kernel32

vcruntime140

vcruntime140_1

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 35KB

.uedbg Size: 2KB - Virtual size: 2KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 26KB - Virtual size: 26KB

.reloc Size: 512B - Virtual size: 276B

.text
Size: 35KB - Virtual size: 35KB

.uedbg
Size: 2KB - Virtual size: 2KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 26KB - Virtual size: 26KB

.reloc
Size: 512B - Virtual size: 276B