ad387738f464ab83a484ae825e52221212ca837d066b177c94887061975ca22d_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ad387738f464ab83a484ae825e52221212ca837d066b177c94887061975ca22d_NeikiAnalytics.exe
Size

13KB
MD5

59f91baed52aea4373c722e8d82f3db0
SHA1

6e5313340ea0967446d6c0edd2926cf892a94e65
SHA256

ad387738f464ab83a484ae825e52221212ca837d066b177c94887061975ca22d
SHA512

530c0a4a6c130c9767f43fd93de2520f972e694866b85489f61e50121645f557f727b98c9918111a4d3de98e625ae8158308811cf3f6846f66045617da06a6d2
SSDEEP

192:ZtIpaxYnjuuWCNdYQYoR4JCEw88G8GZGZGcGDGvGoG8GDGvGYGkGRBTWxqlGts2M:rzduWCyBYu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad387738f464ab83a484ae825e52221212ca837d066b177c94887061975ca22d_NeikiAnalytics.exe

Files

ad387738f464ab83a484ae825e52221212ca837d066b177c94887061975ca22d_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

83be9648de26685bc49b063999aac590

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

S:\wtf\_x86\library.qt\lib.widget.thirdparty.dll:pdb

Imports

system

?unlock@InitCode@@SAXXZ
?lock@InitCode@@SAXXZ
?free@Heap@@SAXPAXI0I@Z
??_7type_info@@6B@

qtgui4

?timerEvent@QAbstractButton@qt@@MAEXPAVQTimerEvent@2@@Z
?changeEvent@QAbstractButton@qt@@MAEXPAVQEvent@2@@Z
?mouseMoveEvent@QAbstractButton@qt@@MAEXPAVQMouseEvent@2@@Z
?mouseReleaseEvent@QAbstractButton@qt@@MAEXPAVQMouseEvent@2@@Z
?mousePressEvent@QAbstractButton@qt@@MAEXPAVQMouseEvent@2@@Z
?keyReleaseEvent@QAbstractButton@qt@@MAEXPAVQKeyEvent@2@@Z
?nextCheckState@QAbstractButton@qt@@MAEXXZ
?checkStateSet@QAbstractButton@qt@@MAEXXZ
?hitButton@QAbstractButton@qt@@MBE_NABVQPoint@2@@Z
?isChecked@QAbstractButton@qt@@QBE_NXZ
?iconSize@QAbstractButton@qt@@QBE?AVQSize@2@XZ
?icon@QAbstractButton@qt@@QBE?AVQIcon@2@XZ
?text@QAbstractButton@qt@@QBE?AVQString@2@XZ
?width@QPixmap@qt@@QBEHXZ
??1QPixmap@qt@@UAE@XZ
??0QStyleOptionButton@qt@@QAE@XZ
?isNull@QIcon@qt@@QBE_NXZ
?pixmap@QIcon@qt@@QBE?AVQPixmap@2@ABVQSize@2@W4Mode@12@W4State@12@@Z
??1QIcon@qt@@QAE@XZ
?languageChange@QWidget@qt@@MAEXXZ
?windowActivationChange@QWidget@qt@@MAEX_N@Z
?fontChange@QWidget@qt@@MAEXABVQFont@2@@Z
?paletteChange@QWidget@qt@@MAEXABVQPalette@2@@Z
?enabledChange@QWidget@qt@@MAEX_N@Z
??1QFontMetrics@qt@@QAE@XZ
?focusNextPrevChild@QWidget@qt@@MAE_N_N@Z
?inputMethodQuery@QWidget@qt@@UBE?AVQVariant@2@W4InputMethodQuery@Qt@2@@Z
?inputMethodEvent@QWidget@qt@@MAEXPAVQInputMethodEvent@2@@Z
?metric@QWidget@qt@@MBEHW4PaintDeviceMetric@QPaintDevice@2@@Z
?hideEvent@QWidget@qt@@MAEXPAVQHideEvent@2@@Z
?showEvent@QWidget@qt@@MAEXPAVQShowEvent@2@@Z
?dropEvent@QWidget@qt@@MAEXPAVQDropEvent@2@@Z
?dragLeaveEvent@QWidget@qt@@MAEXPAVQDragLeaveEvent@2@@Z
?dragMoveEvent@QWidget@qt@@MAEXPAVQDragMoveEvent@2@@Z
?dragEnterEvent@QWidget@qt@@MAEXPAVQDragEnterEvent@2@@Z
?actionEvent@QWidget@qt@@MAEXPAVQActionEvent@2@@Z
?tabletEvent@QWidget@qt@@MAEXPAVQTabletEvent@2@@Z
?contextMenuEvent@QWidget@qt@@MAEXPAVQContextMenuEvent@2@@Z
?closeEvent@QWidget@qt@@MAEXPAVQCloseEvent@2@@Z
?resizeEvent@QWidget@qt@@MAEXPAVQResizeEvent@2@@Z
?moveEvent@QWidget@qt@@MAEXPAVQMoveEvent@2@@Z
?leaveEvent@QWidget@qt@@MAEXPAVQEvent@2@@Z
?enterEvent@QWidget@qt@@MAEXPAVQEvent@2@@Z
?wheelEvent@QWidget@qt@@MAEXPAVQWheelEvent@2@@Z
?mouseDoubleClickEvent@QWidget@qt@@MAEXPAVQMouseEvent@2@@Z
?paintEngine@QWidget@qt@@UBEPAVQPaintEngine@2@XZ
?heightForWidth@QWidget@qt@@UBEHH@Z
?setVisible@QWidget@qt@@UAEX_N@Z
?repaint@QWidget@qt@@QAEXXZ
?hasFocus@QWidget@qt@@QBE_NXZ
?style@QWidget@qt@@QBEPAVQStyle@2@XZ
?devType@QWidget@qt@@UBEHXZ
??1QStyleOptionButton@qt@@QAE@XZ
?fontMetrics@QWidget@qt@@QBE?AVQFontMetrics@2@XZ
?isEnabled@QWidget@qt@@QBE_NXZ
?qt_metacall@QPushButton@qt@@UAEHW4Call@QMetaObject@2@HPAPAX@Z
?qt_metacast@QPushButton@qt@@UAEPAXPBD@Z
?staticMetaObject@QPushButton@qt@@2UQMetaObject@2@B
?elidedText@QFontMetrics@qt@@QBE?AVQString@2@ABV32@W4TextElideMode@Qt@2@HH@Z
??0QPainter@qt@@QAE@XZ
??1QPainter@qt@@QAE@XZ
?begin@QPainter@qt@@QAE_NPAVQPaintDevice@2@@Z
??0QPushButton@qt@@QAE@ABVQString@1@PAVQWidget@1@@Z
??0QPushButton@qt@@QAE@PAVQWidget@1@@Z
??1QPushButton@qt@@UAE@XZ
?sizeHint@QPushButton@qt@@UBE?AVQSize@2@XZ
?minimumSizeHint@QPushButton@qt@@UBE?AVQSize@2@XZ
?event@QPushButton@qt@@MAE_NPAVQEvent@2@@Z
?keyPressEvent@QPushButton@qt@@MAEXPAVQKeyEvent@2@@Z
?focusInEvent@QPushButton@qt@@MAEXPAVQFocusEvent@2@@Z
?focusOutEvent@QPushButton@qt@@MAEXPAVQFocusEvent@2@@Z
?initStyleOption@QPushButton@qt@@IBEXPAVQStyleOptionButton@2@@Z
?styleChange@QWidget@qt@@MAEXAAVQStyle@2@@Z

qtcore4

??4QString@qt@@QAEAAV01@$$QAV01@@Z
??9QString@qt@@QBE_NABV01@@Z
??1QString@qt@@QAE@XZ
?adjusted@QRect@qt@@QBE?AV12@HHHH@Z
??9qt@@YA_NABVQRect@0@0@Z
?tr@QMetaObject@qt@@QBE?AVQString@2@PBD0H@Z
?tr@QMetaObject@qt@@QBE?AVQString@2@PBD0@Z
?trUtf8@QMetaObject@qt@@QBE?AVQString@2@PBD0H@Z
?trUtf8@QMetaObject@qt@@QBE?AVQString@2@PBD0@Z
??4QString@qt@@QAEAAV01@ABV01@@Z
?shared_null@QString@qt@@0UData@12@A
?eventFilter@QObject@qt@@UAE_NPAV12@PAVQEvent@2@@Z
?childEvent@QObject@qt@@MAEXPAVQChildEvent@2@@Z
?customEvent@QObject@qt@@MAEXPAVQEvent@2@@Z
?connectNotify@QObject@qt@@MAEXPBD@Z
?disconnectNotify@QObject@qt@@MAEXPBD@Z

Exports

Exports

??0ElidedButton@ThirdParty@Widgets@Libraries@@QAE@ABVQString@qt@@PAVQWidget@5@@Z
??0ElidedButton@ThirdParty@Widgets@Libraries@@QAE@PAVQWidget@qt@@@Z
??1ElidedButton@ThirdParty@Widgets@Libraries@@UAE@XZ
??_7ElidedButton@ThirdParty@Widgets@Libraries@@6BQObject@qt@@@
??_7ElidedButton@ThirdParty@Widgets@Libraries@@6BQPaintDevice@qt@@@
??_FElidedButton@ThirdParty@Widgets@Libraries@@QAEXXZ
?getElideMode@ElidedButton@ThirdParty@Widgets@Libraries@@QBE?AW4TextElideMode@Qt@qt@@XZ
?metaObject@ElidedButton@ThirdParty@Widgets@Libraries@@UBEPBUQMetaObject@qt@@XZ
?paintEvent@ElidedButton@ThirdParty@Widgets@Libraries@@MAEXPAVQPaintEvent@qt@@@Z
?qt_metacall@ElidedButton@ThirdParty@Widgets@Libraries@@UAEHW4Call@QMetaObject@qt@@HPAPAX@Z
?qt_metacast@ElidedButton@ThirdParty@Widgets@Libraries@@UAEPAXPBD@Z
?qt_static_metacall@ElidedButton@ThirdParty@Widgets@Libraries@@CAXPAVQObject@qt@@W4Call@QMetaObject@6@HPAPAX@Z
?setElideMode@ElidedButton@ThirdParty@Widgets@Libraries@@QAEXW4TextElideMode@Qt@qt@@@Z
?staticMetaObject@ElidedButton@ThirdParty@Widgets@Libraries@@2UQMetaObject@qt@@B
?staticMetaObjectExtraData@ElidedButton@ThirdParty@Widgets@Libraries@@0UQMetaObjectExtraData@qt@@B
?tr@ElidedButton@ThirdParty@Widgets@Libraries@@SA?AVQString@qt@@PBD0@Z
?tr@ElidedButton@ThirdParty@Widgets@Libraries@@SA?AVQString@qt@@PBD0H@Z
?trUtf8@ElidedButton@ThirdParty@Widgets@Libraries@@SA?AVQString@qt@@PBD0@Z
?trUtf8@ElidedButton@ThirdParty@Widgets@Libraries@@SA?AVQString@qt@@PBD0H@Z

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83be9648de26685bc49b063999aac590

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

system

qtgui4

qtcore4

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 232B

.reloc Size: 1024B - Virtual size: 556B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 232B

.reloc
Size: 1024B - Virtual size: 556B