2467694c8425595c8965c9f0353f4d9da69fef85ebf4b0bc9a29b39ff1a18154_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2467694c8425595c8965c9f0353f4d9da69fef85ebf4b0bc9a29b39ff1a18154_NeikiAnalytics.exe
Size

97KB
MD5

98740eead528c2e7b461f5da6430f360
SHA1

aacb2e4cd58e514190ed1301f44a2a6945640310
SHA256

2467694c8425595c8965c9f0353f4d9da69fef85ebf4b0bc9a29b39ff1a18154
SHA512

0730d53fd6e85f5745a903054288964fc52f8a24cf9107751b5a8fbbaf29cb835f1a2ca10ba0c88e8e7d14db96aa3ced88bf0807d526b4f4e1b07a58010732aa
SSDEEP

3072:uS9Oa1NG7wTRSurkcu847dM/haHXRkZYlEj7:b9Oa1cwTRSskcu847dM/ha3RkSlE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2467694c8425595c8965c9f0353f4d9da69fef85ebf4b0bc9a29b39ff1a18154_NeikiAnalytics.exe

Files

2467694c8425595c8965c9f0353f4d9da69fef85ebf4b0bc9a29b39ff1a18154_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

d061f78c4f3ffe0f9c37b9976bf2581b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\projects\repos\cerbero.git\1.24\build\sources\msvc_x86\gst-plugins-bad-1.0-1.24.4\b\sys\winks\gstwinks.pdb

Imports

gstbase-1.0-0

gst_base_src_set_format
gst_push_src_get_type
gst_base_src_set_live

gstreamer-1.0-0

_gst_fraction_range_type
_gst_int_range_type
gst_util_uint64_scale_int_round
gst_value_set_fraction_range_full
gst_value_set_fraction
gst_caps_is_equal
gst_caps_append_structure
gst_structure_set
gst_structure_set_value
gst_structure_free
gst_structure_new
gst_structure_new_empty
gst_device_provider_class_set_static_metadata
gst_device_provider_device_remove
gst_device_provider_device_add
gst_device_provider_get_type
gst_element_factory_make
_gst_fraction_type
gst_device_get_type
gst_object_ref_sink
_gst_debug_register_funcptr
_gst_debug_category_new
gst_resource_error_quark
gst_core_error_quark
gst_device_provider_register
gst_element_message_full
_gst_element_error_printf
gst_element_class_set_static_metadata
gst_element_class_add_pad_template
gst_element_register
gst_plugin_register_static
gst_pad_template_new
gst_query_set_latency
gst_buffer_new_allocate
gst_caps_fixate
gst_caps_get_size
gst_structure_fixate_field_nearest_fraction
gst_structure_fixate_field_nearest_int
gst_util_uint64_scale_int
gst_debug_category_get_threshold
gst_buffer_unmap
gst_buffer_map
gst_buffer_set_size
gst_buffer_is_all_memory_writable
gst_caps_to_string
gst_caps_is_subset
gst_caps_get_structure
gst_caps_append
gst_caps_new_empty
gst_structure_get_fraction
gst_structure_get_int
gst_structure_get_boolean
gst_mini_object_copy
gst_mini_object_make_writable
gst_mini_object_is_writable
gst_mini_object_unref
gst_mini_object_ref
_gst_debug_min
gst_debug_log
gst_clock_get_time
gst_object_unref
gst_object_ref
gst_device_get_display_name

gobject-2.0-0

g_value_unset
g_value_init
g_object_set
g_type_check_instance_is_a
g_value_get_string
g_value_get_int
g_value_set_int
g_value_get_boolean
g_value_set_boolean
g_param_spec_int
g_param_spec_boolean
g_object_notify
g_value_dup_string
g_value_set_string
g_type_class_peek_parent
g_param_spec_string
g_value_dup_object
g_value_set_object
g_param_spec_object
g_type_register_static_simple
g_type_add_instance_private
g_object_unref
g_object_new
g_object_class_install_property
g_type_name
g_type_class_adjust_private_offset

glib-2.0-0

g_ascii_table
g_list_sort
g_list_remove
g_list_append
g_malloc_n
g_strdup_printf
g_string_append
g_utf16_to_utf8
g_malloc0_n
g_malloc0
g_return_if_fail_warning
g_list_reverse
g_list_prepend
g_list_free_full
g_thread_self
g_strdup
g_ascii_strcasecmp
g_strchomp
g_log
g_intern_static_string
g_thread_new
g_thread_join
g_mutex_init
g_mutex_clear
g_mutex_lock
g_mutex_unlock
g_cond_init
g_cond_clear
g_cond_wait
g_cond_signal
g_once_init_enter
g_once_init_leave
g_assertion_message_expr
g_array_sized_new
g_array_free
g_array_append_vals
g_free
g_malloc
g_list_free
g_string_sized_new
g_string_free
g_string_append_printf

ksuser

KsCreatePin

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceInterfaceAlias
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

kernel32

GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
VerifyVersionInfoW
GetModuleHandleA
FreeLibrary
FormatMessageA
CreateFileA
CloseHandle
GetLastError
DeviceIoControl
GetOverlappedResult
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
WaitForMultipleObjects
VerSetConditionMask

user32

SetWindowLongA
GetWindowLongA
DestroyWindow
CreateWindowExA
RegisterClassExA
UnregisterClassA
PostQuitMessage
DefWindowProcA
PostMessageA
UnregisterDeviceNotification
RegisterDeviceNotificationW
DispatchMessageA
TranslateMessage
GetMessageA

vcruntime140

__std_type_info_destroy_list
__current_exception
__current_exception_context
memset
memcpy
_except_handler4_common

api-ms-win-crt-math-l1-1-0

floor
_except1

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_initialize_onexit_table
_initterm_e
_execute_onexit_table
_crt_atexit
_initterm
_crt_at_quick_exit
_cexit
terminate
_register_onexit_function
_initialize_narrow_environment

Exports

Exports

gst_plugin_winks_get_desc
gst_plugin_winks_register

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d061f78c4f3ffe0f9c37b9976bf2581b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gstbase-1.0-0

gstreamer-1.0-0

gobject-2.0-0

glib-2.0-0

ksuser

setupapi

kernel32

user32

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 512B - Virtual size: 1016B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 512B - Virtual size: 1016B

.reloc
Size: 4KB - Virtual size: 4KB