ee73fc1e50be06bfe27f27260b980160_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

ee73fc1e50be06bfe27f27260b980160_NeikiAnalytics
Size

923KB
MD5

ee73fc1e50be06bfe27f27260b980160
SHA1

87684f4c398ff779bb851db2bc4d7004b249b017
SHA256

9a8cefff6d5a700c43c2c01adf20b4d3551bba037452079534c01e13b09a29df
SHA512

49d5f09c79125a6fdf2e47d3612773332829aae63cc18242088caeed8711d7bb2fa569adda32af9ec023cfa2a37dcb50c08770f312eed0b013bbffcfc9abda21
SSDEEP

24576:2rnIPgKGIBRRgkCSRFjLXmPCuP54z+zAw:eKGPkfRRVy4CH

Score

1^/10

Malware Config

Signatures

Files

ee73fc1e50be06bfe27f27260b980160_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

5dd73c6d03775261cf6f7f96a4ab4d8e

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

14-07-2021 00:00

Not After

18-07-2024 23:59

Subject

CN=Unity Technologies ApS,OU=Developer Services,O=Unity Technologies ApS,L=København,C=DK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e1:f7:00:7b:1a:7d:0d:e6:35:db:77:e0:ca:dc:67:76:68:17:ba:7f
Signer

Actual PE Digest

e1:f7:00:7b:1a:7d:0d:e6:35:db:77:e0:ca:dc:67:76:68:17:ba:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\build\output\unity\unity\artifacts\UnityCrashHandler\Win32_VS2019_nondev_m_m\UnityCrashHandler32.pdb

Imports

user32

GetDlgItem
SendDlgItemMessageA
AdjustWindowRect
DialogBoxParamA
SetForegroundWindow
SendMessageW
LookupIconIdFromDirectoryEx
EndDialog
GetWindowLongA
SetWindowPos
SetWindowTextW
UnionRect
LoadImageA
CreateIconFromResourceEx
InflateRect
GetIconInfo
OffsetRect

kernel32

DuplicateHandle
VirtualProtect
GetVersionExW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
CreateTimerQueue
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapQueryInformation
HeapSize
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
FreeLibraryAndExitThread
GetConsoleOutputCP
GetConsoleMode
SetConsoleCtrlHandler
GetFileType
SetStdHandle
GetModuleHandleExW
ExitProcess
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetLocaleInfoW
LCMapStringW
GetLastError
GetCurrentThread
WaitForSingleObjectEx
CloseHandle
RaiseException
GetThreadTimes
OpenThread
TryEnterCriticalSection
EnterCriticalSection
SetThreadPriority
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetCurrentThreadId
ResumeThread
GetThreadPriority
CreateThread
SwitchToThread
DeleteCriticalSection
ReadFile
GetModuleFileNameA
FindFirstFileW
FindFirstFileExW
TlsSetValue
SetLastError
FindNextFileW
GetCurrentProcess
WriteFile
OutputDebugStringA
GetModuleFileNameW
GetEnvironmentVariableA
FindClose
CreateFileW
GetFileAttributesW
SuspendThread
GetCurrentDirectoryA
QueryDepthSList
CreateEventW
MultiByteToWideChar
GetFileAttributesA
LoadLibraryA
DeleteFileW
LoadLibraryW
GetThreadContext
GetProcAddress
SetFilePointerEx
ReadProcessMemory
FreeLibrary
WideCharToMultiByte
TlsGetValue
GetSystemTime
FlushFileBuffers
HeapFree
Thread32Next
Thread32First
WaitForSingleObject
CreateToolhelp32Snapshot
FormatMessageW
HeapAlloc
LocalFree
VerSetConditionMask
GetCurrentProcessId
GetProcessHeap
GetModuleHandleW
VerifyVersionInfoW
GetSystemTimeAsFileTime
GetStdHandle
GetProcessId
GetTempPathW
WaitForMultipleObjectsEx
OpenProcess
Sleep
SetEvent
GetThreadId
GetFileSize
CreateProcessW
CopyFileExW
AllocConsole
GetExitCodeProcess
SizeofResource
GetCommandLineW
EnumResourceNamesA
InitializeCriticalSection
SetErrorMode
FindResourceA
GetModuleHandleA
GetExitCodeThread
TerminateThread
LockResource
LoadResource
CreateEventA
LoadLibraryExW
GetFileSizeEx
VirtualFree
ReleaseSemaphore
VirtualAlloc
TlsAlloc
QueryPerformanceFrequency
TlsFree
QueryPerformanceCounter
VirtualQuery
IsDebuggerPresent
CompareStringW
GetTickCount
GetCPInfo
DecodePointer
EncodePointer
GetStringTypeW
InitializeSListHead
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
InterlockedPopEntrySList
UnregisterWaitEx
TerminateProcess

shell32

SHCreateDirectoryExW
CommandLineToArgvW

ole32

CoInitializeEx
CoTaskMemFree
CoCreateGuid

psapi

GetModuleFileNameExW

advapi32

GetUserNameA

wininet

InternetConnectA
HttpSendRequestA
InternetCloseHandle
InternetOpenA
InternetCrackUrlA
HttpQueryInfoA
HttpOpenRequestA

gdi32

GetObjectA

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 425KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dd73c6d03775261cf6f7f96a4ab4d8e

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52Certificate

Extended Key Usages

Key Usages

e1:f7:00:7b:1a:7d:0d:e6:35:db:77:e0:ca:dc:67:76:68:17:ba:7fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

kernel32

shell32

ole32

psapi

advapi32

wininet

gdi32

version

Sections

.text Size: 425KB - Virtual size: 424KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 349KB - Virtual size: 349KB

.reloc Size: 20KB - Virtual size: 19KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

0f:7c:5a:5e:06:2a:bd:ba:fc:be:1e:c6:3d:4c:30:52
Certificate

e1:f7:00:7b:1a:7d:0d:e6:35:db:77:e0:ca:dc:67:76:68:17:ba:7f
Signer

.text
Size: 425KB - Virtual size: 424KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 349KB - Virtual size: 349KB

.reloc
Size: 20KB - Virtual size: 19KB