Static task
static1
Behavioral task
behavioral1
Sample
3e1b2c30547aa750772b2955483d19e0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
3e1b2c30547aa750772b2955483d19e0_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
3e1b2c30547aa750772b2955483d19e0_NeikiAnalytics.exe
-
Size
87KB
-
MD5
3e1b2c30547aa750772b2955483d19e0
-
SHA1
627e93e77794f964005be9d3e098e5dd4dcb8edd
-
SHA256
728526c46e662aabda8f33f9441acc42bf6b2ac5f501ca146e23da1860aca69f
-
SHA512
aa239a802b77f52ebe10b626fbc6cdbe60c6a847bafa6d422da279f748e79808e1c42177999c7188f2b3de8a7f4e745aa99241a4a83721738accd0b58e8bea7d
-
SSDEEP
1536:9rQIP5a3MTD9L2MNdyVUzQoFe2jR6NHGm8k1NRBoNJwTdWbM1bGeVKi4r:9kIE3MTD9L2MdyVKB6NHGm8k/oNOdOMW
Malware Config
Signatures
Files
-
3e1b2c30547aa750772b2955483d19e0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
10:b2:c9:e2:25:bf:18:bf:4c:71:c4:9d:28:69:d8:3aCertificate
IssuerCN=DSNGUYEN-PC\\NguyenNot Before26/04/2021, 14:47Not After26/04/2022, 20:47SubjectCN=DSNGUYEN-PC\\Nguyen7b:77:3c:46:3c:42:e7:71:dc:6c:f6:d3:27:19:f4:75:cf:ab:84:f8:07:72:13:82:ed:c3:9a:43:75:88:43:daSigner
Actual PE Digest7b:77:3c:46:3c:42:e7:71:dc:6c:f6:d3:27:19:f4:75:cf:ab:84:f8:07:72:13:82:ed:c3:9a:43:75:88:43:daDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
E:\WinForm\QuanLyCoffee\QuanLyCoffee\obj\Debug\QuanLyCoffee.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ