1e4180325dd785b9625dd0538ee30b31a92d38e9f0d61cb1a8dddc60e1da0524_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1e4180325dd785b9625dd0538ee30b31a92d38e9f0d61cb1a8dddc60e1da0524_NeikiAnalytics.exe
Size

81KB
MD5

4085a48e92202655518c7e01b2957f90
SHA1

fa6fd4c4da712e3a610b961f8f1433b0521029ed
SHA256

1e4180325dd785b9625dd0538ee30b31a92d38e9f0d61cb1a8dddc60e1da0524
SHA512

70a1ade2611cf7bd25770381b25e03a74c371ae56b5c6809ab4ab5a41fe0a068cfb1e95611d680631a37edbda90eae8a04bbb06fe260cd0e87d8c8cae40101ff
SSDEEP

1536:h26Er+q2tZZU89M8VDJ2Os7ntg+DOLc2vHPOAiv99tr8YRo:ojr+q2t089cXy+DOA2fPOAo8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e4180325dd785b9625dd0538ee30b31a92d38e9f0d61cb1a8dddc60e1da0524_NeikiAnalytics.exe

Files

1e4180325dd785b9625dd0538ee30b31a92d38e9f0d61cb1a8dddc60e1da0524_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

d72f68e300246e4aa216c606c40ee822

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\UnTraDe\Desktop\gtamods\citizendev\citizenmp\bin\five\release\font-renderer.pdb

Imports

dwrite

DWriteCreateFactory

kernel32

GetTickCount64
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
VirtualAlloc
CreateEventW
WaitForSingleObject
SetEvent
ExitProcess
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
GetModuleHandleW
GetModuleFileNameW
OutputDebugStringA
DisableThreadLibraryCalls

user32

MessageBoxA

corert

?g_instanceRegistry@@3V?$InstanceRegistryBase@PEAX@@A
CoreIsDebuggerPresent
?Initialize@Component@@UEAA_NAEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1Component@@UEAA@XZ
??0Component@@QEAA@XZ

rage-graphics-five

?SetDepthStencilState@@YAXI@Z
?GetStockStateIdentifier@@YAIW4StateType@@@Z
?GetGameResolution@@YAXAEAH0@Z
?OnPostFrontendRender@@3V?$fwEvent@$$$V@@A
?GetDepthStencilState@@YAIXZ
?GetBlendState@@YAIXZ
?GetRasterizerState@@YAIXZ
?PopDrawBlitImShader@@YAXXZ
?PushDrawBlitImShader@@YAXXZ
?DrawImVertices@@YAXXZ
?AddImVertex@@YAXMMMMMMIMM@Z
?BeginImVertices@@YAXHH@Z
?IsOnRenderThread@@YA_NXZ
?EnqueueGenericDrawCommand@@YAXP6AX_K0@ZPEA_K2@Z
?getInstance@grcTextureFactory@rage@@SAPEAV12@XZ
?GetNoneTexture@grcTextureFactory@rage@@SAPEAVgrcTexture@2@XZ
?IsRenderSystemColorSwapped@grcTexture@rage@@SA_NXZ
?SetTextureGtaIm@@YAXPEAVgrcTexture@rage@@@Z
?SetRasterizerState@@YAXI@Z
?SetBlendState@@YAXI@Z

msvcp120

?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
??0id@locale@std@@QEAA@_K@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAPEBDH@Z
?_Orphan_all@_Container_base0@std@@QEAAXXZ
_Mtx_init
_Mtx_destroy
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
?_Random_device@std@@YAIXZ

msvcr120

__crtCapturePreviousContext
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
__crtTerminateProcess
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memmove
mbstowcs
_wassert
_CxxThrowException
__CxxFrameHandler3
memcmp
memcpy
_purecall
_aligned_free
_aligned_malloc
memset
qsort
??_V@YAXPEAX@Z
_aligned_realloc
printf
exit
wcsrchr
_wcsnicmp
__C_specific_handler
_vsnprintf
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_initterm_e
__crt_debugger_hook
__crtUnhandledException

d3d9

D3DPERF_EndEvent
D3DPERF_BeginEvent

Exports

Exports

?TheFonts@@3PEAVFontRenderer@@EA
CreateComponent

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d72f68e300246e4aa216c606c40ee822

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

dwrite

kernel32

user32

corert

rage-graphics-five

msvcp120

msvcr120

d3d9

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 3KB - Virtual size: 106KB

.pdata Size: 4KB - Virtual size: 3KB

.tls Size: 512B - Virtual size: 33B

.rsrc Size: 1024B - Virtual size: 704B

.reloc Size: 512B - Virtual size: 448B

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 3KB - Virtual size: 106KB

.pdata
Size: 4KB - Virtual size: 3KB

.tls
Size: 512B - Virtual size: 33B

.rsrc
Size: 1024B - Virtual size: 704B

.reloc
Size: 512B - Virtual size: 448B