49b9f1d236242c584462f0c9c8160df0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

49b9f1d236242c584462f0c9c8160df0_NeikiAnalytics
Size

2.9MB
MD5

49b9f1d236242c584462f0c9c8160df0
SHA1

7eab2c10d028ea1e3a294a5e39ae4abbaba43aa3
SHA256

06aad9c64e8a3151a0f93c716b594990891268316ec3433f8c1cfabf8e6f0372
SHA512

8a700201acb71fb3a035430f48ba9fc9d8dc6e98908d492f5753968d93f729c7d542a10c71289ad98a05d20ce5d75ee876abeaa7db15e745e785eb88c793c34a
SSDEEP

49152:1BwaiEWqiSJ6e2OKwL0NpNdV5aNYfDhUfjgf6sBJWNa6:1BwQ6e5MRv5xOfjG6OMt

Score

1^/10

Malware Config

Signatures

Files

49b9f1d236242c584462f0c9c8160df0_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

Code Sign

47:16:d5:20:eb:2f:98:6c:b1:28:b7:f9:07:2f:ee:de
Certificate

Issuer

CN=CrystalCloud group

Not Before

13/08/2023, 21:00

Not After

13/08/2024, 21:00

Subject

CN=CrystalCloud group

6e:02:12:d6:6f:c7:a0:71:58:73:5b:03:2f:5e:29:6d:4c:2a:d8:2e:73:30:1e:fb:23:56:14:30:b3:7a:ee:10
Signer

Actual PE Digest

6e:02:12:d6:6f:c7:a0:71:58:73:5b:03:2f:5e:29:6d:4c:2a:d8:2e:73:30:1e:fb:23:56:14:30:b3:7a:ee:10

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 1.9MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 293KB - Virtual size: 832KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 223KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 69KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qtmetad
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

47:16:d5:20:eb:2f:98:6c:b1:28:b7:f9:07:2f:ee:deCertificate

6e:02:12:d6:6f:c7:a0:71:58:73:5b:03:2f:5e:29:6d:4c:2a:d8:2e:73:30:1e:fb:23:56:14:30:b3:7a:ee:10Signer

Headers

DLL Characteristics

File Characteristics

Sections

Size: 1.9MB - Virtual size: 9.3MB

Size: 5KB - Virtual size: 16KB

Size: 18KB - Virtual size: 48KB

Size: 293KB - Virtual size: 832KB

Size: 5KB - Virtual size: 64KB

Size: 1KB - Virtual size: 280KB

.rsrc Size: 223KB - Virtual size: 1.4MB

Size: 69KB - Virtual size: 160KB

.qtmetad Size: 404KB - Virtual size: 404KB

.adata Size: - Virtual size: 4KB

47:16:d5:20:eb:2f:98:6c:b1:28:b7:f9:07:2f:ee:de
Certificate

6e:02:12:d6:6f:c7:a0:71:58:73:5b:03:2f:5e:29:6d:4c:2a:d8:2e:73:30:1e:fb:23:56:14:30:b3:7a:ee:10
Signer

.rsrc
Size: 223KB - Virtual size: 1.4MB

.qtmetad
Size: 404KB - Virtual size: 404KB

.adata
Size: - Virtual size: 4KB