1f1f8151821908e56b671363aedf4ce0_NeikiAnalytics

Sharing

Copy URL

Twitter E-mail

General

Target

1f1f8151821908e56b671363aedf4ce0_NeikiAnalytics
Size

8.6MB
MD5

1f1f8151821908e56b671363aedf4ce0
SHA1

2e19c67987c01535f539daea4d7c99d57205d3f1
SHA256

7f2bf8c82d72e77e1c9f57b730399c9f1a221b2125483daa043f8aa39fe88f0f
SHA512

94c913445eb6cae9e37008cad70eccd37d8b570a817e662edfbb4bce6a815825bd6d2e81ee4e80cb2ca32f0e7c62080bf27c6a208fae08e41e45460e50a1c831
SSDEEP

98304:O8Jk7Y7zVV+FlUmbyJCzP0FMgcyjdF8Jk7Y7zVV+FlUmbyJCzP0FMpF:Rm75llGJCzP0+zykm75llGJCzP0+pF

Score

1^/10

Malware Config

Signatures

Files

1f1f8151821908e56b671363aedf4ce0_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

48:86:96:0e:f6:f4:24:74:b2:8d:5c:56:4b:b2:64:0f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

31/12/1999, 22:00

Not After

31/12/2098, 22:00

Subject

CN=Alastri Software Pty Ltd,O=Alastri Software Pty Ltd,L=Perth,ST=Western Australia,C=AU

ff:ce:08:cf:ee:32:35:ef:e1:fa:ad:4f:fd:da:80:43:6a:a9:22:5a:f7:0c:f0:b5:31:70:a0:14:35:1e:45:e7
Signer

Actual PE Digest

ff:ce:08:cf:ee:32:35:ef:e1:fa:ad:4f:fd:da:80:43:6a:a9:22:5a:f7:0c:f0:b5:31:70:a0:14:35:1e:45:e7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

extra0
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

extra1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Code Sign

48:86:96:0e:f6:f4:24:74:b2:8d:5c:56:4b:b2:64:0fCertificate

ff:ce:08:cf:ee:32:35:ef:e1:fa:ad:4f:fd:da:80:43:6a:a9:22:5a:f7:0c:f0:b5:31:70:a0:14:35:1e:45:e7Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 4.1MB - Virtual size: 4.1MB

extra0 Size: 209KB - Virtual size: 209KB

extra1 Size: 4.3MB - Virtual size: 4.3MB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 512B - Virtual size: 12B

48:86:96:0e:f6:f4:24:74:b2:8d:5c:56:4b:b2:64:0f
Certificate

ff:ce:08:cf:ee:32:35:ef:e1:fa:ad:4f:fd:da:80:43:6a:a9:22:5a:f7:0c:f0:b5:31:70:a0:14:35:1e:45:e7
Signer

.text
Size: 4.1MB - Virtual size: 4.1MB

extra0
Size: 209KB - Virtual size: 209KB

extra1
Size: 4.3MB - Virtual size: 4.3MB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 512B - Virtual size: 12B