Extended Key Usages: ExtKeyUsageCodeSigning
Key Usages: KeyUsageDigitalSignature, KeyUsageCertSign, KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 4501d9b27fce485b2e26a490c25a75c95c8b0f61f7099008e298f0a2c3476d69_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 4501d9b27fce485b2e26a490c25a75c95c8b0f61f7099008e298f0a2c3476d69_NeikiAnalytics.exe
Resource: win10v2004-20240611-en
Target: 4501d9b27fce485b2e26a490c25a75c95c8b0f61f7099008e298f0a2c3476d69_NeikiAnalytics.exe
Size: 1.2MB
MD5: fb448d5b919e423fc247aaaa65a76890
SHA1: b725ce69f6960ea9938600a27ae38bf9ba171ff7
SHA256: 4501d9b27fce485b2e26a490c25a75c95c8b0f61f7099008e298f0a2c3476d69
SHA512: 202801e5273d8aa48010e67f0afef167b114a247393835794de0d29e59a5a347f597b81ef08587aabe76f5dbde66ee09cb83f538f9ad37553598b1cd93a0dc45
SSDEEP: 24576:Jj724rVSjZZ2EqgoWn6FnmZCWk1+RZ4p9AQQ:16YICZxA4lWkUZ4p9AQQ
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
C:\home\jenkins\agent\workspace\_core-cdp-test_releases_3.2.28.x\src\LenovoVisionFramework\x64\Release\LenovoVisionService.pdb
RpcEpRegisterW
RpcServerInqBindings
RpcStringFreeW
RpcServerRegisterIf3
RpcServerUseProtseqEpW
RpcBindingVectorFree
RpcEpUnregister
RpcServerUnregisterIf
RpcMgmtStopServerListening
I_RpcBindingInqLocalClientPID
NdrClientCall3
NdrServerCall2
RpcServerListen
NdrServerCallAll
RpcBindingToStringBindingW
RpcStringBindingParseW
GetFullPathNameW
CompareFileTime
DeleteFileW
SetEndOfFile
WriteFile
FindFirstFileExW
SetFilePointer
GetFileTime
CreateFileW
GetFileAttributesW
FlushFileBuffers
GetFileType
GetFileSizeEx
FindClose
SetFilePointerEx
ReadFile
FindNextFileW
CreateProcessW
GetExitCodeProcess
CreateProcessAsUserW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
ExitThread
ExitProcess
TlsSetValue
GetStartupInfoW
TlsAlloc
ProcessIdToSessionId
GetExitCodeThread
CreateThread
TlsGetValue
TlsFree
CopyFileW
WaitForMultipleObjectsEx
CreateMutexExW
CreateSemaphoreExW
TryEnterCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
ReleaseSRWLockShared
InitializeCriticalSectionEx
ReleaseMutex
WaitForSingleObjectEx
WaitForSingleObject
OpenSemaphoreW
DeleteCriticalSection
AcquireSRWLockShared
CreateMutexW
ReleaseSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
AcquireSRWLockExclusive
CreateEventW
InitializeSRWLock
OpenEventW
UnhandledExceptionFilter
GetLastError
RaiseException
SetUnhandledExceptionFilter
SetLastError
CloseHandle
LoadLibraryW
FindResourceW
AddDllDirectory
GetProcAddress
LoadLibraryExW
FreeLibrary
SizeofResource
FindResourceExW
LoadResource
SetDefaultDllDirectories
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleFileNameA
GetModuleHandleExW
GetModuleHandleW
LockResource
RegQueryValueExA
RegNotifyChangeKeyValue
RegCloseKey
RegEnumValueW
RegOpenKeyExW
GlobalFree
LocalFree
GlobalAlloc
GetLocaleInfoW
IsValidCodePage
GetACP
FormatMessageW
GetCPInfo
IsValidLocale
LCMapStringW
GetOEMCP
GetUserDefaultLCID
LCMapStringEx
EnumSystemLocalesW
GetProcessHeap
HeapReAlloc
HeapAlloc
HeapDestroy
HeapFree
HeapSize
DebugBreak
OutputDebugStringW
IsDebuggerPresent
WTSGetActiveConsoleSessionId
GetSystemPowerStatus
PowerGetActiveScheme
PowerReadDCValueIndex
VariantClear
SysAllocString
GetErrorInfo
SetErrorInfo
SysStringLen
SysFreeString
GetTokenInformation
RevertToSelf
SetSecurityDescriptorDacl
FreeSid
AllocateAndInitializeSid
ImpersonateLoggedOnUser
InitializeSecurityDescriptor
ConvertSidToStringSidA
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
IsProcessorFeaturePresent
OpenProcess
K32EnumProcesses
QueryFullProcessImageNameW
FindPackagesByPackageFamily
GetPackageFamilyName
ClosePackageInfo
OpenPackageInfoByFullName
GetPackageInfo
PackageIdFromFullName
RegEnumKeyW
GetSystemDirectoryW
GetSystemTimeAsFileTime
SHGetKnownFolderPath
SHGetSpecialFolderPathA
SHGetFolderPathW
CoSetProxyBlanket
CoUninitialize
CoInitializeEx
CLSIDFromString
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemFree
CreateEnvironmentBlock
GetUserProfileDirectoryW
DestroyEnvironmentBlock
SystemTimeToFileTime
GetTimeZoneInformation
Sleep
InitOnceBeginInitialize
InitOnceComplete
GetStringTypeW
WideCharToMultiByte
CompareStringEx
MultiByteToWideChar
CompareStringW
CM_Get_Device_IDW
CM_Locate_DevNodeW
CM_Get_Device_Interface_PropertyW
CM_Get_DevNode_PropertyW
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_List_SizeW
ord290
SetNamedSecurityInfoW
SetEntriesInAclW
GetNamedSecurityInfoW
DeviceIoControl
lstrlenW
CM_Get_Device_Interface_List_SizeA
SHDeleteKeyW
CreateFile2
GetFileVersionInfoW
VerQueryValueW
ConvertSidToStringSidW
DeriveCapabilitySidsFromName
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
StartServiceW
QueryServiceStatusEx
ControlService
QueryServiceStatus
SubmitThreadpoolWork
CreateThreadpoolWork
CloseThreadpoolWork
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
EventWriteString
EventUnregister
EventRegister
EncodePointer
DecodePointer
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptAcquireContextW
CryptCreateHash
WinVerifyTrust
VerSetConditionMask
VerifyVersionInfoW
EnumWindows
GetWindowThreadProcessId
GetWindow
SetWindowPos
UnregisterDeviceNotification
BringWindowToTop
ShowWindow
SetFocus
RegisterDeviceNotificationW
CoInitialize
?Log@CLogger@@QEAAXW4LOG_LEVEL@@PEB_WZZ
?Logger@CLogger@@SAAEAV1@XZ
PathAppendW
PathRemoveFileSpecW
PathFileExistsW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
WTSQueryUserToken
WTSEnumerateSessionsW
WTSFreeMemory
WTSQuerySessionInformationW
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwind
RtlPcToFileHeader
RtlUnwindEx
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeSListHead
InterlockedPushEntrySList
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetStdHandle
GetStdHandle
GetCommandLineA
GetCommandLineW
WriteConsoleW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ