ba1cf0556b2e57b67c7bf7ead1e634acaefe1a24f756e7be715b7472907d8138_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ba1cf0556b2e57b67c7bf7ead1e634acaefe1a24f756e7be715b7472907d8138_NeikiAnalytics.exe
Size

197KB
MD5

75037854714899143b49c5138201ebc0
SHA1

93d3a6e34dce93d05f58171f4f99cd1ebfa6199a
SHA256

ba1cf0556b2e57b67c7bf7ead1e634acaefe1a24f756e7be715b7472907d8138
SHA512

6b6f8e5d796b36c6c378fde091cead93d8554a11d652745552f6eca20523f8e7f3fc97e6713fc43791ad2a0eb1bc578dd93b1b9d3bd5750aef1aedddf381e071
SSDEEP

3072:vV5t1gHLyswCv/8ZNN/Yorgir9U4n9VhmleWPEpWcE+8DPPn:vb8Xww0ZNpYoXxileW3V+UX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba1cf0556b2e57b67c7bf7ead1e634acaefe1a24f756e7be715b7472907d8138_NeikiAnalytics.exe

Files

ba1cf0556b2e57b67c7bf7ead1e634acaefe1a24f756e7be715b7472907d8138_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

932b025339d090497c00118e9945a61b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\qb\workspace\21461\source\output\dump32\media\cmrtlib\windows\Release\igfxcmrt32.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetErrorMode
GetProcAddress
LoadLibraryExW
CreateFileW
FreeLibrary
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
GetFileSizeEx
SetFilePointerEx
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapSize
HeapReAlloc
CloseHandle
WriteConsoleW

ole32

CoTaskMemFree

Exports

Exports

??0CM_AVS_STATE_MSG_EX@@QAE@XZ
??0CM_FLAG@@QAE@XZ
?CloneKernel@CmDevice_RT@@UAEHAAPAVCmKernel@@PAV2@@Z
?CreateBuffer@CmDevice_RT@@UAEHIAAPAVCmBuffer@@@Z
?CreateBufferAlias@CmDevice_RT@@UAEHPAVCmBuffer@@AAPAVSurfaceIndex@@@Z
?CreateBufferSVM@CmDevice_RT@@UAEHIAAPAXIAAPAVCmBufferSVM@@@Z
?CreateBufferStateless@CmDevice_RT@@UAEHIIPAXAAPAVCmBufferStateless@@@Z
?CreateBufferUP@CmDevice_RT@@UAEHIPAXAAPAVCmBufferUP@@@Z
?CreateHevcVmeSurfaceG10@CmDevice_RT@@UAEHPAVCmSurface2D@@PAPAV2@1IIAAPAVSurfaceIndex@@@Z
?CreateKernel@CmDevice_RT@@UAEHPAVCmProgram@@PBDAAPAVCmKernel@@1@Z
?CreateKernel@CmDevice_RT@@UAEHPAVCmProgram@@PBDPBXAAPAVCmKernel@@1@Z
?CreateQueue@CmDevice_RT@@UAEHAAPAVCmQueue@@@Z
?CreateQueueEx@CmDevice_RT@@UAEHAAPAVCmQueue@@UCM_QUEUE_CREATE_OPTION@@@Z
?CreateSampler8x8@CmDevice_RT@@UAEHABUCM_SAMPLER_8X8_DESCR@@AAPAVCmSampler8x8@@@Z
?CreateSampler8x8Surface@CmDevice_RT@@UAEHPAVCmSurface2D@@AAPAVSurfaceIndex@@W4_CM_SAMPLER8x8_SURFACE_@@W4_CM_SURFACE_ADDRESS_CONTROL_MODE_@@@Z
?CreateSampler8x8SurfaceEx@CmDevice_RT@@UAEHPAVCmSurface2D@@AAPAVSurfaceIndex@@W4_CM_SAMPLER8x8_SURFACE_@@W4_CM_SURFACE_ADDRESS_CONTROL_MODE_@@PAUCM_FLAG@@@Z
?CreateSampler@CmDevice_RT@@UAEHABU_CM_SAMPLER_STATE@@AAPAVCmSampler@@@Z
?CreateSamplerEx@CmDevice_RT@@UAEHABU_CM_SAMPLER_STATE_EX@@AAPAVCmSampler@@@Z
?CreateSamplerSurface2D@CmDevice_RT@@UAEHPAVCmSurface2D@@AAPAVSurfaceIndex@@@Z
?CreateSamplerSurface2DEx@CmDevice_RT@@UAEHPAVCmSurface2D@@AAPAVSurfaceIndex@@PAUCM_FLAG@@@Z
?CreateSamplerSurface2DUP@CmDevice_RT@@UAEHPAVCmSurface2DUP@@AAPAVSurfaceIndex@@@Z
?CreateSamplerSurface3D@CmDevice_RT@@UAEHPAVCmSurface3D@@AAPAVSurfaceIndex@@@Z
?CreateSurface2D@CmDevice_RT@@UAEHIIW4_D3DFORMAT@@AAPAVCmSurface2D@@@Z
?CreateSurface2D@CmDevice_RT@@UAEHPAPAUIDirect3DSurface9@@IPAPAVCmSurface2D@@@Z
?CreateSurface2D@CmDevice_RT@@UAEHPAUIDirect3DSurface9@@AAPAVCmSurface2D@@@Z
?CreateSurface2DAlias@CmDevice_RT@@UAEHPAVCmSurface2D@@AAPAVSurfaceIndex@@@Z
?CreateSurface2DStateless@CmDevice_RT@@UAEHIIAAIAAPAVCmSurface2DStateless@@@Z
?CreateSurface2DUP@CmDevice_RT@@UAEHIIW4_D3DFORMAT@@PAXAAPAVCmSurface2DUP@@@Z
?CreateSurface3D@CmDevice_RT@@UAEHIIIW4_D3DFORMAT@@AAPAVCmSurface3D@@@Z
?CreateTask@CmDevice_RT@@UAEHAAPAVCmTask@@@Z
?CreateThreadGroupSpace@CmDevice_RT@@UAEHIIIIAAPAVCmThreadGroupSpace@@@Z
?CreateThreadGroupSpaceEx@CmDevice_RT@@UAEHIIIIIIAAPAVCmThreadGroupSpace@@@Z
?CreateThreadSpace@CmDevice_RT@@UAEHIIAAPAVCmThreadSpace@@@Z
?CreateVebox@CmDevice_RT@@UAEHAAPAVCmVebox@@@Z
?CreateVmeSurfaceG7_5@CmDevice_RT@@UAEHPAVCmSurface2D@@PAPAV2@1IIAAPAVSurfaceIndex@@@Z
?DestroyBufferSVM@CmDevice_RT@@UAEHAAPAVCmBufferSVM@@@Z
?DestroyBufferStateless@CmDevice_RT@@UAEHAAPAVCmBufferStateless@@@Z
?DestroyBufferUP@CmDevice_RT@@UAEHAAPAVCmBufferUP@@@Z
?DestroyEvent@CmQueue_RT@@UAEHAAPAVCmEvent@@@Z
?DestroyEventFast@CmQueue_RT@@UAEHAAPAVCmEvent@@@Z
?DestroyHevcVmeSurfaceG10@CmDevice_RT@@UAEHAAPAVSurfaceIndex@@@Z
?DestroyKernel@CmDevice_RT@@UAEHAAPAVCmKernel@@@Z
?DestroyProgram@CmDevice_RT@@UAEHAAPAVCmProgram@@@Z
?DestroySampler8x8@CmDevice_RT@@UAEHAAPAVCmSampler8x8@@@Z
?DestroySampler8x8Surface@CmDevice_RT@@UAEHAAPAVSurfaceIndex@@@Z
?DestroySampler@CmDevice_RT@@UAEHAAPAVCmSampler@@@Z
?DestroySamplerSurface@CmDevice_RT@@UAEHAAPAVSurfaceIndex@@@Z
?DestroySurface2DStateless@CmDevice_RT@@UAEHAAPAVCmSurface2DStateless@@@Z
?DestroySurface2DUP@CmDevice_RT@@UAEHAAPAVCmSurface2DUP@@@Z
?DestroySurface@CmDevice_RT@@UAEHAAPAVCmBuffer@@@Z
?DestroySurface@CmDevice_RT@@UAEHAAPAVCmSurface2D@@@Z
?DestroySurface@CmDevice_RT@@UAEHAAPAVCmSurface3D@@@Z
?DestroyTask@CmDevice_RT@@UAEHAAPAVCmTask@@@Z
?DestroyThreadGroupSpace@CmDevice_RT@@UAEHAAPAVCmThreadGroupSpace@@@Z
?DestroyThreadSpace@CmDevice_RT@@UAEHAAPAVCmThreadSpace@@@Z
?DestroyVebox@CmDevice_RT@@UAEHAAPAVCmVebox@@@Z
?DestroyVmeSurfaceG7_5@CmDevice_RT@@UAEHAAPAVSurfaceIndex@@@Z
?DispatchTask@CmDevice_RT@@UAEHXZ
?Enqueue@CmQueue_RT@@UAEHPAVCmTask@@AAPAVCmEvent@@PBVCmThreadSpace@@@Z
?EnqueueCopyCPUToCPU@CmQueue_RT@@UAEHPAE0IIAAPAVCmEvent@@@Z
?EnqueueCopyCPUToGPU@CmQueue_RT@@UAEHPAVCmSurface2D@@PBEAAPAVCmEvent@@@Z
?EnqueueCopyCPUToGPUFullStride@CmQueue_RT@@UAEHPAVCmSurface2D@@PBEIIIAAPAVCmEvent@@@Z
?EnqueueCopyCPUToGPUFullStrideDup@CmQueue_RT@@UAEHPAVCmSurface2D@@PBEIIIAAPAVCmEvent@@@Z
?EnqueueCopyGPUToCPU@CmQueue_RT@@UAEHPAVCmSurface2D@@PAEAAPAVCmEvent@@@Z
?EnqueueCopyGPUToCPUFullStride@CmQueue_RT@@UAEHPAVCmSurface2D@@PAEIIIAAPAVCmEvent@@@Z
?EnqueueCopyGPUToCPUFullStrideDup@CmQueue_RT@@UAEHPAVCmSurface2D@@PAEIIIAAPAVCmEvent@@@Z
?EnqueueCopyGPUToGPU@CmQueue_RT@@UAEHPAVCmSurface2D@@0IAAPAVCmEvent@@@Z
?EnqueueFast@CmQueue_RT@@UAEHPAVCmTask@@AAPAVCmEvent@@PBVCmThreadSpace@@@Z
?EnqueueInitSurface2D@CmQueue_RT@@UAEHPAVCmSurface2D@@IAAPAVCmEvent@@@Z
?EnqueueReadBuffer@CmQueue_RT@@UAEHPAVCmBuffer@@IPBE_KPAVCmEvent@@AAPAV3@I@Z
?EnqueueVebox@CmQueue_RT@@UAEHPAVCmVebox@@AAPAVCmEvent@@@Z
?EnqueueWithGroup@CmQueue_RT@@UAEHPAVCmTask@@AAPAVCmEvent@@PBVCmThreadGroupSpace@@@Z
?EnqueueWithGroupFast@CmQueue_RT@@UAEHPAVCmTask@@AAPAVCmEvent@@PBVCmThreadGroupSpace@@@Z
?EnqueueWithHints@CmQueue_RT@@UAEHPAVCmTask@@AAPAVCmEvent@@I@Z
?EnqueueWriteBuffer@CmQueue_RT@@UAEHPAVCmBuffer@@IPBE_KPAVCmEvent@@AAPAV3@I@Z
?FlushPrintBuffer@CmDevice_RT@@UAEHXZ
?FlushPrintBufferIntoFile@CmDevice_RT@@UAEHPBD@Z
?GetCaps@CmDevice_RT@@UAEHW4_CM_DEVICE_CAP_NAME@@AAIPAX@Z
?GetD3DDeviceManager@CmDevice_RT@@UAEHAAPAUIDirect3DDeviceManager9@@@Z
?GetSurface2DInfo@CmDevice_RT@@UAEHIIW4_D3DFORMAT@@AAI1@Z
?GetVISAVersion@CmDevice_RT@@UAEHAAI0@Z
?InitPrintBuffer@CmDevice_RT@@UAEHI@Z
?LoadProgram@CmDevice_RT@@UAEHPAXIAAPAVCmProgram@@PBD@Z
?SetCaps@CmDevice_RT@@UAEHW4_CM_DEVICE_CAP_NAME@@IPAX@Z
?SetL3Config@CmDevice_RT@@UAEHPBUL3ConfigRegisterValues@@@Z
?SetResidentGroupAndParallelThreadNum@CmQueue_RT@@UAEHII@Z
?SetSuggestedL3Config@CmDevice_RT@@UAEHW4_L3_SUGGEST_CONFIG@@@Z
?SetVmeSurfaceStateParam@CmDevice_RT@@UAEHPAVSurfaceIndex@@PAUCM_VME_SURFACE_STATE_PARAM@@@Z
CMRT_CreateBuffer
CMRT_CreateKernel
CMRT_CreateQueue
CMRT_CreateSurface2D
CMRT_CreateSurface3D
CMRT_CreateTask
CMRT_CreateThreadSpace
CMRT_DestroyBuffer
CMRT_DestroyEvent
CMRT_DestroyProgram
CMRT_DestroySurface2D
CMRT_DestroySurface3D
CMRT_DestroyTask
CMRT_DestroyThreadSpace
CMRT_EnableGTPinMarkers
CMRT_Enqueue
CMRT_GetCompleteTime
CMRT_GetEnqueueTime
CMRT_GetHWEndTime
CMRT_GetHWStartTime
CMRT_GetKernelCount
CMRT_GetKernelName
CMRT_GetKernelThreadSpace
CMRT_GetSubmitTime
CMRT_GetSurfaceDetails
CMRT_LoadProgram
CMRT_PrepareGTPinBuffers
CMRT_SetEventCallback
CMRT_SetGTPinArguments
CMRT_SetGTPinCompileMode
CmrtCodeMarkerForGTPin_AddKernel
CmrtCodeMarkerForGTPin_CreateQueue
CmrtCodeMarkerForGTPin_CreateTask
CmrtCodeMarkerForGTPin_DestroyTask
CmrtCodeMarkerForGTPin_Enqueue
CmrtCodeMarkerForGTPin_EnqueueWithGroup
CmrtCodeMarkerForGTPin_SetThreadCount
CreateCmDevice
CreateCmDeviceEx
DestroyCmDevice
GetCmErrorString

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

932b025339d090497c00118e9945a61b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 94KB - Virtual size: 93KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 5KB - Virtual size: 7KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 94KB - Virtual size: 93KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 5KB - Virtual size: 7KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 5KB - Virtual size: 5KB