5fbd844a6ce26deb5337e8e6dd7c7b70_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

5fbd844a6ce26deb5337e8e6dd7c7b70_NeikiAnalytics
Size

1.9MB
MD5

5fbd844a6ce26deb5337e8e6dd7c7b70
SHA1

5302e49b2027a07c7bb8f95d45510efc0d954cf8
SHA256

f0d640c4e07c81c29f0ec2b603ec3017bdd4db0d0e26c3fa364a6bbf45826058
SHA512

c383b5ec9fb9efd53cdf00c2b0940fe60a35a857f8be40ae0763647c3523712553910aca8504768cc86895b2168525fa6043d567e66e0ed5696e2c8e5e7b992d
SSDEEP

24576:qJ317lBRJrK1ooREQCW25Urhug9fl5L1aCJ9sr89t7vLLs1esv3qZmmg9pgeQuX/:I7l41GQhndLTpzclMoTObrL+2Wd

Score

1^/10

Malware Config

Signatures

Files

5fbd844a6ce26deb5337e8e6dd7c7b70_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

e2f7bdb1735415585de8de7e17d50dc0

Code Sign

64:33:51:d3:c7:38:9f:08
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

24/06/2016, 20:44

Not After

24/06/2031, 20:44

Subject

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:2c:e4:04:ae:f3:44:eb:b3:b8:76:54:f2:c9:84:22
Certificate

Issuer

CN=SSL.com Code Signing Intermediate CA RSA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

14/03/2024, 20:30

Not After

14/03/2025, 20:30

Subject

CN=Max Biotech Limited,O=Max Biotech Limited,L=Caterham,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

19/02/2024, 16:18

Not After

16/02/2034, 16:18

Subject

CN=SSL.com Timestamping Unit 2024 E1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13/11/2019, 18:50

Not After

12/11/2034, 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:24:4d:f1:81:b7:60:74:b6:47:42:3f:c0:ce:dc:29:75:14:06:ba:ed:4b:8e:7e:59:43:b6:1d:28:9a:cb:a7
Signer

Actual PE Digest

74:24:4d:f1:81:b7:60:74:b6:47:42:3f:c0:ce:dc:29:75:14:06:ba:ed:4b:8e:7e:59:43:b6:1d:28:9a:cb:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileW
FindResourceExW
FindResourceW
FlushInstructionCache
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesW
GetFileSize
GetLastError
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetShortPathNameW
GetStartupInfoW
GetThreadLocale
GetVersion
GetVersionExW
GlobalAlloc
GlobalFree
GlobalReAlloc
HeapAlloc
HeapFree
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LoadLibraryExW
LoadLibraryW
LoadResource
LockResource
lstrcmpiW
lstrcpyW
lstrlenA
lstrlenW
MoveFileW
MulDiv
MultiByteToWideChar
OpenEventW
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseSemaphore
RemoveDirectoryW
SetEvent
SetLastError
FindFirstFileW
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
GetCurrentProcess
GetStartupInfoA
RtlUnwind
FindClose
ExpandEnvironmentStringsA
ExitProcess
DeleteFileW
DeleteCriticalSection
CreateSemaphoreW
CreateFileW
CreateEventW
CreateDirectoryW
CompareStringW
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
SetThreadPriority
GetDriveTypeA

user32

SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TranslateMessage
UnregisterClassA
UpdateWindow
WaitMessage
WindowFromPoint
SetDlgItemTextW
SetCursor
SetCapture
SendMessageW
SetRectEmpty
ScreenToClient
ReleaseDC
ReleaseCapture
RegisterClassExW
PtInRect
PostThreadMessageW
PostQuitMessage
PeekMessageW
OffsetRect
MsgWaitForMultipleObjects
MessageBoxW
MapWindowPoints
LoadImageW
LoadCursorW
IsWindowUnicode
SendDlgItemMessageW
SetFocus
GetWindowThreadProcessId
GetForegroundWindow
BeginPaint
CallWindowProcW
IsWindowEnabled
IsDialogMessageW
InvalidateRect
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowLongW
GetSystemMetrics
GetSysColor
GetParent
GetMessageW
GetFocus
GetDlgItemTextW
GetDlgItem
GetDlgCtrlID
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetCapture
GetAsyncKeyState
FillRect
EndPaint
EnableWindow
DrawTextW
DrawFocusRect
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyCursor
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CreateCursor
CharNextW
GetMessageA

gdi32

GetDeviceCaps
GetObjectW
GetStockObject
DeleteObject
SetBkColor
SetBkMode
DeleteDC
CreateSolidBrush
CreateFontIndirectW
CreateDIBSection
SelectObject
BitBlt
CreateCompatibleDC

advapi32

RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

ole32

OleInitialize
CoCreateInstance
OleUninitialize

Sections

.text
Size: 760KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vcp1201
Size: 983KB - Virtual size: 984KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e2f7bdb1735415585de8de7e17d50dc0

Code Sign

64:33:51:d3:c7:38:9f:08Certificate

Extended Key Usages

Key Usages

4e:2c:e4:04:ae:f3:44:eb:b3:b8:76:54:f2:c9:84:22Certificate

Extended Key Usages

Key Usages

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7Certificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

74:24:4d:f1:81:b7:60:74:b6:47:42:3f:c0:ce:dc:29:75:14:06:ba:ed:4b:8e:7e:59:43:b6:1d:28:9a:cb:a7Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 760KB - Virtual size: 756KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 136KB - Virtual size: 136KB

.vcp1201 Size: 983KB - Virtual size: 984KB

64:33:51:d3:c7:38:9f:08
Certificate

4e:2c:e4:04:ae:f3:44:eb:b3:b8:76:54:f2:c9:84:22
Certificate

5a:5a:ac:e8:1a:35:6e:b4:62:86:8d:57:7d:e0:3d:c7
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

74:24:4d:f1:81:b7:60:74:b6:47:42:3f:c0:ce:dc:29:75:14:06:ba:ed:4b:8e:7e:59:43:b6:1d:28:9a:cb:a7
Signer

.text
Size: 760KB - Virtual size: 756KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 136KB - Virtual size: 136KB

.vcp1201
Size: 983KB - Virtual size: 984KB