108542471898313827ce97434b83c9d8435059af43909fdaa672c30de221190e_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

108542471898313827ce97434b83c9d8435059af43909fdaa672c30de221190e_NeikiAnalytics.exe
Size

1.5MB
MD5

20f0ba857b1f1229aa9d9946f378c000
SHA1

faafc17a6e16bdb7aa4bacd25e16faad0a164338
SHA256

108542471898313827ce97434b83c9d8435059af43909fdaa672c30de221190e
SHA512

6ba74a946c649db15af7fd9954b385d4e53b4541a9718718cf121bda7156e61028f04a6356fa89f81daa8dc087cd97a194bdf14cfd2946b0ece0fa49f5a48433
SSDEEP

24576:WXdprEfcF+8j5UTJpmAomPy5lXoCZ4Tor:q/3jOFpJxPy5l4BT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
108542471898313827ce97434b83c9d8435059af43909fdaa672c30de221190e_NeikiAnalytics.exe

Files

108542471898313827ce97434b83c9d8435059af43909fdaa672c30de221190e_NeikiAnalytics.exe
.dll windows:6 windows

aa3df4ec83bb6af5cff5f13e083b5a8b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libvlccore

config_GetFloat
config_GetPsz
config_GetSysPath
config_GetUserDir
config_PutFloat
config_PutPsz
config_SaveConfigFile
image_HandlerCreate
image_HandlerDelete
input_Control
input_GetItem
input_item_AddOption
input_item_GetMeta
input_item_GetTitleFbName
input_item_GetURI
input_item_Hold
input_item_NewExt
input_item_Release
input_item_node_Delete
libvlc_Quit
module_need
module_unneed
picture_Release
playlist_Add
playlist_AssertLocked
playlist_Control
playlist_CurrentInput
playlist_CurrentPlayingItem
playlist_Deactivate
playlist_EnableAudioFilter
playlist_Export
playlist_GetAout
playlist_Import
playlist_ItemGetById
playlist_ItemGetByInput
playlist_Lock
playlist_MuteGet
playlist_MuteSet
playlist_NodeAddInput
playlist_NodeDelete
playlist_RecursiveNodeSort
playlist_Unlock
playlist_VolumeSet
playlist_VolumeUp
var_AddCallback
var_Change
var_Create
var_DelCallback
var_Destroy
var_GetAndSet
var_GetChecked
var_Inherit
var_SetChecked
var_TriggerCallback
var_Type
vlc_Log
vlc_clone
vlc_cond_destroy
vlc_cond_init
vlc_cond_signal
vlc_cond_wait
vlc_fopen
vlc_gettext
vlc_join
vlc_keycode2str
vlc_mkdir
vlc_mutex_destroy
vlc_mutex_init
vlc_mutex_lock
vlc_mutex_unlock
vlc_object_create
vlc_object_hold
vlc_object_release
vlc_opendir
vlc_path2uri
vlc_readdir
vlc_restorecancel
vlc_savecancel
vlc_stat
vlc_stream_Delete
vlc_stream_NewMRL
vlc_stream_NewURL
vlc_stream_Read
vlc_stream_ReadDir
vlc_stream_directory_Attach
vlc_strfinput
vlc_uri2path
vout_OSDMessage
xml_Create
xml_Delete
xml_ReaderCreate
xml_ReaderDelete

gdi32

BitBlt
CombineRgn
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
LineTo
MoveToEx
OffsetRgn
PtInRegion
SelectClipRgn
SelectObject

ole32

OleInitialize
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

msimg32

AlphaBlend

ucrtbase

___lc_codepage_func
___mb_cur_max_func
__acrt_iob_func
__p___argc
__p___argv
__p___wargv
__p__environ
__p__wenviron
__pctype_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vswprintf
__timezone
__tzname
_aligned_free
_aligned_malloc
_beginthreadex
_close
_configthreadlocale
_configure_narrow_argv
_configure_wide_argv
_create_locale
_crt_atexit
_errno
_execute_onexit_table
_exit
_findclose
_free_locale
_fseeki64
_ftelli64
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_isctype_l
_iswalpha_l
_iswcntrl_l
_iswdigit_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_lock_file
_mbslen
_mbtowc_l
_open
_register_onexit_function
_set_app_type
_strcoll_l
_strdup
_strftime_l
_strnicmp
_strtod_l
_strtoi64_l
_strtoui64_l
_strxfrm_l
_tolower_l
_toupper_l
_towlower_l
_towupper_l
_tzset
_unlock_file
_wcscoll_l
_wcsxfrm_l
_wfindfirst32
_wfindnext32
_wfullpath
_write
_wtempnam
abort
acosf
atof
atoi
bsearch
calloc
fclose
fflush
fopen
fputc
fread
free
fseek
ftell
fwrite
getc
getenv
islower
isspace
isupper
iswctype
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
pow
qsort
raise
realloc
rewind
setlocale
strcat
strcmp
strcpy
strerror
strerror_s
strlen
strncmp
strncpy
strrchr
strstr
strtod
strtol
strtoul
tolower
toupper
ungetc
wcrtomb_s
wcscat
wcscpy
wcslen
wcsncpy
wcstod
wcstol
wcstoul

shell32

DragQueryFileW
SHFileOperationW
Shell_NotifyIconW

user32

BeginPaint
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyMenu
DestroyWindow
DispatchMessageW
EndPaint
EnumDisplayMonitors
FillRect
GetClassInfoW
GetCursorPos
GetDC
GetKeyState
GetMenuItemCount
GetMenuItemID
GetMessageW
GetMonitorInfoW
GetSystemMetrics
GetWindowLongW
InsertMenuItemW
InvalidateRect
KillTimer
LoadCursorW
LoadIconW
MapVirtualKeyW
MessageBoxW
MonitorFromWindow
MoveWindow
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassW
RegisterClipboardFormatW
ReleaseCapture
ReleaseDC
SendMessageW
SetCapture
SetCursor
SetForegroundWindow
SetLayeredWindowAttributes
SetParent
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
ShowWindow
SystemParametersInfoW
TrackMouseEvent
TrackPopupMenuEx
TranslateMessage
UpdateWindow

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
DeleteCriticalSection
EnterCriticalSection
FlsAlloc
FlsGetValue
FlsSetValue
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesW
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadId
GetTickCount
GlobalLock
GlobalUnlock
InitOnceExecuteOnce
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSRWLockExclusive
ReleaseSRWLockShared
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SwitchToThread
TerminateProcess
TlsGetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
__chkstk

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

psapi

EnumProcessModules

Exports

Exports

vlc_entry__4_0_3
vlc_entry_copyright__4_0_3
vlc_entry_license__4_0_3

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ctors
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dtors
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eh_fram
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gcc_exc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa3df4ec83bb6af5cff5f13e083b5a8b

Headers

DLL Characteristics

File Characteristics

Imports

libvlccore

gdi32

ole32

msimg32

ucrtbase

shell32

user32

kernel32

advapi32

psapi

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 251KB - Virtual size: 251KB

.data Size: 512B - Virtual size: 7KB

.CRT Size: 512B - Virtual size: 44B

.ctors Size: 512B - Virtual size: 40B

.dtors Size: 512B - Virtual size: 8B

.eh_fram Size: 115KB - Virtual size: 115KB

.gcc_exc Size: 43KB - Virtual size: 42KB

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 40KB - Virtual size: 40KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 251KB - Virtual size: 251KB

.data
Size: 512B - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 44B

.ctors
Size: 512B - Virtual size: 40B

.dtors
Size: 512B - Virtual size: 8B

.eh_fram
Size: 115KB - Virtual size: 115KB

.gcc_exc
Size: 43KB - Virtual size: 42KB

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 40KB - Virtual size: 40KB