3df44d15ab6994c15024ba79d5890a2b9199e12544cb6dde93557af3810bdaf5_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

3df44d15ab6994c15024ba79d5890a2b9199e12544cb6dde93557af3810bdaf5_NeikiAnalytics.exe
Size

39KB
MD5

02e93bed77b4b564b31022c48a7c2940
SHA1

44d0b38f81a44dac08cb8790c34037747eefbbb3
SHA256

3df44d15ab6994c15024ba79d5890a2b9199e12544cb6dde93557af3810bdaf5
SHA512

47a7f8528f95bc47de4366dc2484cbf5e7b07fcafcf09fd244f559977b001aaa2e6924c64d7832bb507272b9209ae9703fd003961d72a036dcfd3dbe06da0bf3
SSDEEP

768:jAyoXtcsQWBf6gf0bqwNs0ssi3U3ck7Mg1kGGMTiJD5cjdHUq2icW:jhoXtsWBCgcbqwVcW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3df44d15ab6994c15024ba79d5890a2b9199e12544cb6dde93557af3810bdaf5_NeikiAnalytics.exe

Files

3df44d15ab6994c15024ba79d5890a2b9199e12544cb6dde93557af3810bdaf5_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

5fefd708359092d306f5178a8bb1c2bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\compil\VersionTcICV5_231210000000\TCIC\CATIA\CV5CAA\intel_a\code\bin\CV5CAACmdCATScript.pdb

Imports

js0group

??2CATBaseUnknown@@SAPAXI@Z
_init_lib_const
?AbortProcCAA@@YAXPBD@Z
??1CATUnicodeString@@QAE@XZ
??0CATFillDictionary@@QAE@PBDPAX@Z
??0CATUnicodeString@@QAE@QBD@Z
?RemoveInterfaceSubscriptions@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PAD@Z
??1CATString@@QAE@XZ
?RemoveInterfaceSubscriptions@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@ABU_GUID@@@Z
?RemoveSubscriptionsOn@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PBDPADPAX@Z
?RemoveSubscriptionsOn@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PBDABU_GUID@@PAX@Z
?AddSubscription@CATEventSubscriber@@UAEJPAVCATBaseUnknown@@PBDP82@AEX1PAXPAVCATNotification@@2J@ZPAD2@Z
?AddSubscription@CATEventSubscriber@@UAEJPAVCATBaseUnknown@@PBDP82@AEX1PAXPAVCATNotification@@2J@ZABU_GUID@@2@Z
?RemoveSubscriberCallbacks@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@@Z
?RemoveCallbacksOn@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@PBDPAX@Z
?RemoveCallback@CATEventSubscriber@@UAEXPAVCATBaseUnknown@@J@Z
?AddCallback@CATEventSubscriber@@UAEJPAVCATBaseUnknown@@PBDP82@AEX1PAXPAVCATNotification@@2J@Z2@Z
?ChangeComponentState@CATBaseUnknown@@UAEJW4ComponentState@1@0PBVCATSysChangeComponentStateContext@@@Z
?IsEqual@CATBaseUnknown@@UBEHPBV1@@Z
?IsNull@CATBaseUnknown@@UBEHXZ
?SetImpl@CATBaseUnknown@@UAGPAV1@PAV1@@Z
?GetImpl@CATBaseUnknown@@UBGPAV1@H@Z
?QueryInterface@CATBaseUnknown@@UBEPAV1@PBD@Z
?Invoke@CATBaseUnknown@@UAGJJABU_GUID@@KGPAUtagDISPPARAMS@@PAUtagVARIANT@@PAUtagEXCEPINFO@@PAI@Z
?GetIDsOfNames@CATBaseUnknown@@UAGJABU_GUID@@PAPAGIKPAJ@Z
?GetTypeInfo@CATBaseUnknown@@UAGJIKPAPAUITypeInfo@@@Z
?GetTypeInfoCount@CATBaseUnknown@@UAGJPAI@Z
?Release@CATBaseUnknown@@UAGKXZ
?AddRef@CATBaseUnknown@@UAGKXZ
?QueryInterface@CATBaseUnknown@@UAGJABU_GUID@@PAPAX@Z
??0CATString@@QAE@QBD@Z
??3CATBaseUnknown@@SAXPAX@Z

js0fm

?UndoCommand@CATCommand@@UAEXXZ
?RestoreState@CATCommand@@UAEHPAVCATNotification@@AAVCATMarshal@@@Z
?SaveState@CATCommand@@UAEHPAVCATNotification@@AAVCATMarshal@@@Z
?GetGlobalUndo@CATCommand@@UAEPAVCATCommandGlobalUndo@@XZ
?GetCallbackManager@CATCommand@@UAEPAVCATCallbackManager@@XZ
?Reset@CATCommand@@UAEXXZ
?EndCommand@CATCommand@@UAEXXZ
?BeginCommand@CATCommand@@UAEXXZ
?GetStatusPrompt@CATCommand@@UAEHXZ
?GetPrompt@CATCommand@@UAE?AVCATString@@XZ
?SetPrompt@CATCommand@@UAEXVCATString@@@Z
?SendCommandSpecificObject@CATCommand@@UAEPAXPBDPAVCATNotification@@@Z
?RequestStatusChange@CATCommand@@QAEHW4CATCommandMsg@@PAV1@@Z
?GetMetaObject@CATCommand@@UBGPAVCATMetaClass@@XZ
?IsA@CATCommand@@UBEPBDXZ
?IsAKindOf@CATCommand@@UBEHPBD@Z
?AnalyseNotification@CATCommand@@UAE?AW4CATNotifPropagationMode@@PAV1@PAVCATNotification@@@Z
?RequestDelayedDestruction@CATCommand@@UAEXXZ
?LogicalDeath@CATCommand@@UAEJXZ
?GetName@CATCommand@@UAEAAVCATString@@XZ
?SetName@CATCommand@@UAEXAAVCATString@@@Z

cv5caacmd

?Activate@CV5CAACmdBaseCommandCATScript@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
??0CV5CAACmdBaseCommandCATScript@@QAE@PAVCATCommand@@ABVCATString@@@Z
?Desactivate@CV5CAACmdBaseCommand@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
?Cancel@CV5CAACmdBaseCommand@@UAE?AW4CATStatusChangeRC@@PAVCATCommand@@PAVCATNotification@@@Z
??1CV5CAACmdBaseCommandCATScript@@UAE@XZ

msvcr90

_amsg_exit
_adjust_fdiv
__CppXcptFilter
_initterm_e
_except_handler4_common
__clean_type_info_names_internal
_crt_debugger_hook
_initterm
_encoded_null
free
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

Exports

Exports

DASSAULT_SYSTEMES_CAA2_LICENSING_CV5CAACmdCATScript
fctCreateAWAddComponent
fctCreateBrowseMML
fctCreateCTXMenuCmdCheckOut
fctCreateCV5CAAToolbarCmdHighlightInTc
fctCreateCV5CAAToolbarCmdReplaceByRevision
fctCreateCat2HighlightInCatia
fctCreateCat2HighlightItemRevision
fctCreateCat2HighlightSelected
fctCreateCat2MultiProcCheckOutSD
fctCreateCat2MultiProcHighlightParentSD
fctCreateCat2MultiProcRefreshSD
fctCreateCat2MultiProcReplaceByRevisionSD
fctCreateCreateAllSpreadSheets
fctCreateFinalInsert
fctCreateFinalLoad
fctCreateFinalLoadMerge
fctCreateFinalReplace
fctCreateImportAllAssemblies
fctCreateInsert
fctCreateLoad
fctCreateLoad_merge
fctCreateLoad_merge_SelectedLevel
fctCreateLoad_merge_Target
fctCreatePasteFromAWHosted
fctCreatePurgeStagingDir
fctCreateRead_linked_documents
fctCreateRefresh
fctCreateReplace
fctCreateReplaceLoadAsCgr
fctCreateTeamcenter
fctCreateUpdate_TitleBlock

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fefd708359092d306f5178a8bb1c2bd

Headers

File Characteristics

PDB Paths

Imports

js0group

js0fm

cv5caacmd

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB