ab54e7a7dc367a3c4f6a603ca566dd20_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ab54e7a7dc367a3c4f6a603ca566dd20_NeikiAnalytics.exe
Size

445KB
MD5

ab54e7a7dc367a3c4f6a603ca566dd20
SHA1

e82d3001c60d9525ca9952d67cd2ef57b8eddd1f
SHA256

1ba1b233ffbd948f5645f18afb2e1e8c99a80eb8f3beac67fb9ac04f75f1ac71
SHA512

622442e2dbb13bced979c03e87f15c6de4896e669457ed7b85680511716768f2f499e17431fcaacc3cd7b04256fbc51a3d271939c60823d6527bddc1948c6994
SSDEEP

12288:R8w1SBP+OI63dwoC6XlqJn5LSvUNMo7IQ:R8w1SBP+OI63drC6XlqJn5uvCMo7d

Score

1^/10

Malware Config

Signatures

Files

ab54e7a7dc367a3c4f6a603ca566dd20_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

9d63601b75db6820cb6e18c76c455c6b

Code Sign

33:00:59:f8:b6:da:86:89:70:6f:fa:1b:d9:00:00:00:59:f8:b6
Certificate

Issuer

CN=Microsoft Azure TLS Issuing CA 06,O=Microsoft Corporation,C=US

Not Before

04-10-2022 23:23

Not After

29-09-2023 23:23

Subject

CN=www.microsoft.com,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7d:01:b7:f3:1d:be:cf:f8:0a:4c:d1:96:e6:8c:ed:c4:13:d5:f7:8a:c0:c3:54:41:4f:88:b3:6a:fa:8b:39:c0
Signer

Actual PE Digest

7d:01:b7:f3:1d:be:cf:f8:0a:4c:d1:96:e6:8c:ed:c4:13:d5:f7:8a:c0:c3:54:41:4f:88:b3:6a:fa:8b:39:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentProcess
InitializeProcThreadAttributeList
IsProcessorFeaturePresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UpdateProcThreadAttribute

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

_sysc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9d63601b75db6820cb6e18c76c455c6b

Code Sign

33:00:59:f8:b6:da:86:89:70:6f:fa:1b:d9:00:00:00:59:f8:b6Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

7d:01:b7:f3:1d:be:cf:f8:0a:4c:d1:96:e6:8c:ed:c4:13:d5:f7:8a:c0:c3:54:41:4f:88:b3:6a:fa:8b:39:c0Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 176KB - Virtual size: 175KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 196KB - Virtual size: 197KB

.pdata Size: 1024B - Virtual size: 684B

.00cfg Size: 512B - Virtual size: 48B

.retplne Size: 512B - Virtual size: 92B

_sysc Size: 512B - Virtual size: 72B

.rsrc Size: 57KB - Virtual size: 57KB

.reloc Size: 512B - Virtual size: 48B

33:00:59:f8:b6:da:86:89:70:6f:fa:1b:d9:00:00:00:59:f8:b6
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

7d:01:b7:f3:1d:be:cf:f8:0a:4c:d1:96:e6:8c:ed:c4:13:d5:f7:8a:c0:c3:54:41:4f:88:b3:6a:fa:8b:39:c0
Signer

.text
Size: 176KB - Virtual size: 175KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 196KB - Virtual size: 197KB

.pdata
Size: 1024B - Virtual size: 684B

.00cfg
Size: 512B - Virtual size: 48B

.retplne
Size: 512B - Virtual size: 92B

_sysc
Size: 512B - Virtual size: 72B

.rsrc
Size: 57KB - Virtual size: 57KB

.reloc
Size: 512B - Virtual size: 48B