341a7fa09d92f0f546c9c42e51a2297ddfdaac8209c9d27f46bc43ab1c65a7a1_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

341a7fa09d92f0f546c9c42e51a2297ddfdaac8209c9d27f46bc43ab1c65a7a1_NeikiAnalytics.exe
Size

7.2MB
MD5

474c81a9c9eaa89a5921cda299767ac0
SHA1

49a8c01f94039a68b87952d3ba826f532cedffc8
SHA256

341a7fa09d92f0f546c9c42e51a2297ddfdaac8209c9d27f46bc43ab1c65a7a1
SHA512

22bf61568e1fd25d23201381ad75b16fb4b5202fa92ec3e3f34072b77c59567a95d51d8f8cb84ade4cb3f8a7c28d719c8f9871e94bab8242dcfddd9c91029e93
SSDEEP

196608:dMsSC9mYTg/hUrqnk8rGEpkamrx1+yc0EIP2Tl7UA3PUf1aWl+3Q4h5f/Lu/Llc6:MCMrGEKNrxqEA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
341a7fa09d92f0f546c9c42e51a2297ddfdaac8209c9d27f46bc43ab1c65a7a1_NeikiAnalytics.exe

Files

341a7fa09d92f0f546c9c42e51a2297ddfdaac8209c9d27f46bc43ab1c65a7a1_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\WorkSpace\Source\ClientSource\Bin\Test\RF_Online.pdb

Exports

Exports

??0GBufferedFile@@IAE@XZ
??0GBufferedFile@@QAE@PAVGFile@@@Z
??0GEvent@@QAE@_N0@Z
??0GImage@@QAE@ABV0@@Z
??0GImage@@QAE@ABVGImageBase@@@Z
??0GImage@@QAE@W4ImageFormat@GImageBase@@KK@Z
??0GImage@@QAE@XZ
??0GMutex@@QAE@_N0@Z
??0GRefCountBaseImpl@@QAE@PAVGRefCountImpl@@@Z
??0GRefCountBaseImpl@@QAE@XZ
??0GSemaphore@@QAE@H_N@Z
??0GSysFile@@QAE@ABVGString@@HH@Z
??0GSysFile@@QAE@XZ
??0GThread@@QAE@ABUCreateParams@0@@Z
??0GThread@@QAE@IH@Z
??0GThread@@QAE@P6AHPAV0@PAX@Z1IHW4ThreadState@0@@Z
??0GWaitCondition@@QAE@XZ
??1GAcquireInterface@@UAE@XZ
??1GBufferedFile@@UAE@XZ
??1GDefaultAcquireInterface@@UAE@XZ
??1GEvent@@UAE@XZ
??1GFxLoader@@UAE@XZ
??1GImage@@UAE@XZ
??1GMutex@@UAE@XZ
??1GRefCountBaseImpl@@UAE@XZ
??1GSemaphore@@UAE@XZ
??1GThread@@UAE@XZ
??1GWaitCondition@@QAE@XZ
??EGSemaphore@@QAEHH@Z
??FGSemaphore@@QAEHH@Z
??YGSemaphore@@QAEHH@Z
??ZGSemaphore@@QAEHH@Z
??_FGEvent@@QAEXXZ
??_FGMutex@@QAEXXZ
??_FGSemaphore@@QAEXXZ
??_FGThread@@QAEXXZ
?Acquire@GWaitable@@QAE_NI@Z
?AcquireMultipleObjects@GAcquireInterface@@SA_NPAPAVGWaitable@@II@Z
?AcquireOneOfMultipleObjects@GAcquireInterface@@SAHPAPAVGWaitable@@II@Z
?AddWaitHandler@GWaitable@@QAE_NP6AXPAX@Z0@Z
?Append@GMatrix2D@@QAEAAV1@ABV1@@Z
?Blend@GColor@@SG?AV1@V1@0M@Z
?BytesAvailable@GBufferedFile@@UAEHXZ
?CallWaitHandlers@GWaitable@@QAEXXZ
?CallWaitHandlers@HandlerArray@GWaitable@@QAEXXZ
?CanAcquire@GAcquireInterface@@UAE_NXZ
?CanAcquire@GEvent@@UAE_NXZ
?CanAcquire@GMutex@@UAE_NXZ
?CanAcquire@GSemaphore@@UAE_NXZ
?ChangeSize@GBufferedFile@@UAE_NH@Z
?Close@GBufferedFile@@UAE_NXZ
?Close@GSysFile@@UAE_NXZ
?ConvertHSIToRGB@GColor@@SGXNNNPAN00@Z
?ConvertRGBToHSI@GColor@@SGXNNNPAN00@Z
?CopyFromStream@GBufferedFile@@UAEHPAVGFile@@H@Z
?CreateWaitableIncrement@GSemaphore@@QAEPAVGWaitable@@H@Z
?DoesFlip@GMatrix2D@@QBE_NXZ
?EncloseTransform@GMatrix2D@@QBEXPAV?$GRect@M@@ABV2@@Z
?Exit@GThread@@UAEXH@Z
?FinishAllThreads@GThread@@SAXXZ
?Flush@GBufferedFile@@UAE_NXZ
?FlushBuffer@GBufferedFile@@IAEXXZ
?Format@GColor@@QBEXPAD@Z
?Format@GMatrix2D@@QBEXPAD@Z
?GetAcquireInterface@GEvent@@UAEPAVGAcquireInterface@@XZ
?GetAcquireInterface@GMutex@@UAEPAVGAcquireInterface@@XZ
?GetAcquireInterface@GSemaphore@@UAEPAVGAcquireInterface@@XZ
?GetAcquireInterface@GWaitable@@UAEPAVGAcquireInterface@@XZ
?GetCPUCount@GThread@@SAHXZ
?GetDefaultAcquireInterface@GDefaultAcquireInterface@@SAPAV1@XZ
?GetDeterminant@GMatrix2D@@QBEMXZ
?GetErrorCode@GSysFile@@UAEHXZ
?GetExitFlag@GThread@@QBE_NXZ
?GetFileStat@GSysFile@@SA_NPAUGFileStat@@ABVGString@@@Z
?GetHSI@GColor@@QBEXPAH00@Z
?GetHSI@GColor@@QBEXPAM00@Z
?GetHSV@GColor@@QBEXPAH00@Z
?GetHSV@GColor@@QBEXPAM00@Z
?GetLength@GBufferedFile@@UAEHXZ
?GetMaxScale@GMatrix2D@@QBEMXZ
?GetRotation@GMatrix2D@@QBENXZ
?GetThreadState@GThread@@QBE?AW4ThreadState@1@XZ
?GetX@GMatrix2D@@QBEMXZ
?GetXScale@GMatrix2D@@QBENXZ
?GetY@GMatrix2D@@QBEMXZ
?GetYScale@GMatrix2D@@QBENXZ
?IsFinished@GThread@@QBE_NXZ
?IsLockedByAnotherThread@GMutex@@QAE_NXZ
?IsSignaled@GEvent@@UBE_NXZ
?IsSignaled@GMutex@@UBE_NXZ
?IsSignaled@GSemaphore@@UBE_NXZ
?IsSignaled@GWaitable@@UBE_NXZ
?IsSuspended@GThread@@QBE_NXZ
?IsValid@GMatrix2D@@QBE_NXZ
?IsValid@GSysFile@@UAE_NXZ
?LGetLength@GBufferedFile@@UAE_JXZ
?LSeek@GBufferedFile@@UAE_J_JH@Z
?LTell@GBufferedFile@@UAE_JXZ
?LoadBuffer@GBufferedFile@@IAEXXZ
?Lock@GMutex@@QAEXXZ
?MSleep@GThread@@SA_NI@Z
?Notify@GWaitCondition@@QAEXXZ
?NotifyAll@GWaitCondition@@QAEXXZ
?ObtainSemaphore@GSemaphore@@QAE_NHI@Z
?OnExit@GThread@@UAEXXZ
?Open@GSysFile@@QAE_NABVGString@@HH@Z
?Prepend@GMatrix2D@@QAEAAV1@ABV1@@Z
?PulseEvent@GEvent@@QAEXXZ
?Read@GBufferedFile@@UAEHPAEH@Z
?Release@HandlerArray@GWaitable@@QAEXXZ
?ReleaseSemaphore@GSemaphore@@QAE_NH@Z
?RemoveWaitHandler@GWaitable@@QAE_NP6AXPAX@Z0@Z
?ResetEvent@GEvent@@QAEXXZ
?Resume@GThread@@QAE_NXZ
?Run@GThread@@UAEHXZ
?Seek@GBufferedFile@@UAEHHH@Z
?SetBufferMode@GBufferedFile@@IAE_NW4BufferModeType@1@@Z
?SetEvent@GEvent@@QAEXXZ
?SetExitFlag@GThread@@QAEX_N@Z
?SetHSI@GColor@@QAEXHHH@Z
?SetHSI@GColor@@QAEXMMM@Z
?SetHSV@GColor@@QAEXHHH@Z
?SetHSV@GColor@@QAEXMMM@Z
?SetIdentity@GMatrix2D@@QAEXXZ
?SetInverse@GMatrix2D@@QAEXABV1@@Z
?SetLerp@GMatrix2D@@QAEXABV1@0M@Z
?SetRefCountMode@GRefCountBaseImpl@@QAE_NI@Z
?SkipBytes@GBufferedFile@@UAEHH@Z
?Sleep@GThread@@SA_NI@Z
?Start@GThread@@UAE_NW4ThreadState@1@@Z
?Suspend@GThread@@QAE_NXZ
?Swap@GMatrix2D@@QAEXPAV1@@Z
?Tell@GBufferedFile@@UAEHXZ
?Transform@GMatrix2D@@QBEXPAV?$GPoint@M@@ABV2@@Z
?TransformByInverse@GMatrix2D@@QBEXPAV?$GPoint@M@@ABV2@@Z
?TransformVector@GMatrix2D@@QBEXPAV?$GPoint@M@@ABV2@@Z
?TryAcquire@GAcquireInterface@@UAE_NXZ
?TryAcquire@GEvent@@UAE_NXZ
?TryAcquire@GMutex@@UAE_NXZ
?TryAcquire@GSemaphore@@UAE_NXZ
?TryAcquireCancel@GAcquireInterface@@UAE_NXZ
?TryAcquireCancel@GEvent@@UAE_NXZ
?TryAcquireCancel@GMutex@@UAE_NXZ
?TryAcquireCancel@GSemaphore@@UAE_NXZ
?TryAcquireCommit@GAcquireInterface@@UAE_NXZ
?TryAcquireCommit@GEvent@@UAE_NXZ
?TryAcquireCommit@GMutex@@UAE_NXZ
?TryAcquireCommit@GSemaphore@@UAE_NXZ
?TryLock@GMutex@@QAE_NXZ
?Unlock@GMutex@@QAEXXZ
?Wait@GEvent@@QAE_NI@Z
?Wait@GWaitCondition@@QAE_NPAVGMutex@@I@Z
?Wait@GWaitable@@QAE_NI@Z
?Write@GBufferedFile@@UAEHPBEH@Z

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 825KB - Virtual size: 824KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 185KB - Virtual size: 35.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.NewIT
Size: 1024B - Virtual size: 547B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 6.2MB - Virtual size: 6.2MB

.rdata Size: 825KB - Virtual size: 824KB

.data Size: 185KB - Virtual size: 35.8MB

.rsrc Size: 1KB - Virtual size: 1KB

.NewIT Size: 1024B - Virtual size: 547B

.text
Size: 6.2MB - Virtual size: 6.2MB

.rdata
Size: 825KB - Virtual size: 824KB

.data
Size: 185KB - Virtual size: 35.8MB

.rsrc
Size: 1KB - Virtual size: 1KB

.NewIT
Size: 1024B - Virtual size: 547B