be5183757aade6aaead3c0534a82d590_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

be5183757aade6aaead3c0534a82d590_NeikiAnalytics.exe
Size

274KB
MD5

be5183757aade6aaead3c0534a82d590
SHA1

356d496741833d1c7601ef7af4a214a609919513
SHA256

bafd54f03848de4dfef3c7e8cbdf5c5d743db75b8a1e6012d0380589e8b1abe5
SHA512

a86bb4c46f24c4b523f92a2663ee43e956b8b4c44b9e966585d6ebe1720d49e46fd9ff64b854b4b521dc558d7cac05ce27a5a4be5cc4931a97018fca6fea5776
SSDEEP

6144:Rds8mzWmX7O5KsZT1kT7lEjvjmAtpnjpo:Rds8XpKsZ5m7lEjvSAXn

Score

1^/10

Malware Config

Signatures

Files

be5183757aade6aaead3c0534a82d590_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

707603b9debc3bde6535b90e1c392277

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:02:b3:6b:32:51:c3:28:08:3f:77:7c:a0:84:28:ff
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16-09-2022 00:00

Not After

17-09-2025 23:59

Subject

CN=Avast Software s.r.o.,O=Avast Software s.r.o.,L=Praha,C=CZ

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:27:be:e6:d6:04:d0:b7:40:3b:ca:50:2f:88:4a:7f:43:fb:3b:a1:7c:fd:3c:70:a4:01:bb:c3:0a:d0:94:95
Signer

Actual PE Digest

00:27:be:e6:d6:04:d0:b7:40:3b:ca:50:2f:88:4a:7f:43:fb:3b:a1:7c:fd:3c:70:a4:01:bb:c3:0a:d0:94:95

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
gethostname
WSAStartup
inet_addr

iphlpapi

SendARP

oleaut32

VariantClear
SysFreeString
SysAllocString
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
VariantInit
VariantCopy
VariantTimeToSystemTime
VariantChangeType

ole32

CoCreateInstance
CoUninitialize
IIDFromString
CLSIDFromString
CoInitialize
CoInitializeSecurity
CoSetProxyBlanket

kernel32

GetStringTypeW
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
TerminateProcess
RtlUnwind
GetCommandLineA
GetStartupInfoA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
SetErrorMode
GetProcessVersion
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetLastError
SetLastError
InterlockedIncrement
lstrcpyA
WritePrivateProfileStringA
InterlockedDecrement
GlobalFlags
lstrlenA
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
SetStdHandle
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringW
GetStringTypeA
IsBadCodePtr
VirtualFree
MultiByteToWideChar
lstrcatA
GetProcessHeap
GetModuleHandleA
ExitProcess
LCMapStringA
LoadLibraryA
GetProcAddress
FreeLibrary
WideCharToMultiByte
IsBadReadPtr
HeapFree
HeapReAlloc
HeapAlloc

user32

UnregisterClassA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
EnableWindow
SetCursor
SendMessageA
PostMessageA
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
PostQuitMessage
wsprintfA
MessageBoxA
GetMessageA
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
DestroyMenu
LoadStringA
GetSysColorBrush
LoadCursorA
LoadIconA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
GetMenuCheckMarkDimensions
LoadBitmapA

gdi32

SetViewportExtEx
GetObjectA
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetDeviceCaps
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

707603b9debc3bde6535b90e1c392277

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

09:02:b3:6b:32:51:c3:28:08:3f:77:7c:a0:84:28:ffCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

00:27:be:e6:d6:04:d0:b7:40:3b:ca:50:2f:88:4a:7f:43:fb:3b:a1:7c:fd:3c:70:a4:01:bb:c3:0a:d0:94:95Signer

Headers

File Characteristics

Imports

ws2_32

iphlpapi

oleaut32

ole32

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 144KB - Virtual size: 202KB

.rsrc Size: 12KB - Virtual size: 10KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

09:02:b3:6b:32:51:c3:28:08:3f:77:7c:a0:84:28:ff
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

00:27:be:e6:d6:04:d0:b7:40:3b:ca:50:2f:88:4a:7f:43:fb:3b:a1:7c:fd:3c:70:a4:01:bb:c3:0a:d0:94:95
Signer

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 144KB - Virtual size: 202KB

.rsrc
Size: 12KB - Virtual size: 10KB