5e536f0a23382a31deac85047e9292dfebb2d557f0defae28dd0ea5166cf29a9_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

5e536f0a23382a31deac85047e9292dfebb2d557f0defae28dd0ea5166cf29a9_NeikiAnalytics.exe
Size

922KB
MD5

bd2f15d58a2e63bd86a06afdd2aa0860
SHA1

9d867319bbbb392ba50c5751501737565dd67731
SHA256

5e536f0a23382a31deac85047e9292dfebb2d557f0defae28dd0ea5166cf29a9
SHA512

26cda05383e4f31c2bb089fa9d2a822e12531e91aa8d4565bf6202ed726cc0a60b8f4d67e20238f554ad4d923b3f6d831a397315f36e4178ea46ce7febac2e5f
SSDEEP

12288:cwGNBppAr5ku9yas0sie2tx7vFoNEO5NoloiLkD4siAZ6oCBNYd:Mpp45ku9yaDsZ2n7vqNEoNBiL84s1Z6y

Score

1^/10

Malware Config

Signatures

Files

5e536f0a23382a31deac85047e9292dfebb2d557f0defae28dd0ea5166cf29a9_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

5394409b09c8cee95b27a577389009ab

Code Sign

7c:f8:e1:0f:b5:db:50:9f:44:e8:f7:c0:9a:6d:e6:43
Certificate

Issuer

CN=SummerIndigoUnion,1.2.840.113549.1.9.1=#0c1b61646d696e4073756d6d6572696e6469676f756e696f6e2e636f6d

Not Before

27/10/2022, 00:00

Not After

27/10/2023, 23:59

Subject

CN=SummerIndigoUnion,1.2.840.113549.1.9.1=#0c1b61646d696e4073756d6d6572696e6469676f756e696f6e2e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSACleanup
WSAResetEvent
WSASetEvent
ioctlsocket
freeaddrinfo
getaddrinfo
listen
htonl
accept
select
__WSAFDIsSet
send
WSAStartup
WSAIoctl
WSASetLastError
socket
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
bind
recv
WSAGetLastError
closesocket
WSAWaitForMultipleEvents

crypt32

CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertOpenStore
CertCloseStore
CertEnumCertificatesInStore

normaliz

IdnToUnicode
IdnToAscii

advapi32

RegDisableReflectionKey
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA
SetTokenInformation
SetPrivateObjectSecurity
RegSetValueW
BuildTrusteeWithSidW
RegCopyTreeA
PrivilegedServiceAuditAlarmW
PerfCreateInstance
OpenEventLogW
CredReadW
CredIsProtectedA
CredDeleteA
ConvertStringSecurityDescriptorToSecurityDescriptorW

kernel32

ReadConsoleW
GetConsoleCP
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetStdHandle
GetConsoleMode
GetCommandLineW
GetCommandLineA
WriteFile
SetEndOfFile
SetFilePointerEx
GetFileAttributesExW
GetCurrentDirectoryW
GetFullPathNameW
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
DeleteFileW
FlushFileBuffers
WriteConsoleW
QueryPerformanceFrequency
CloseThreadpoolCleanupGroupMembers
EnumLanguageGroupLocalesA
FindCloseChangeNotification
FindResourceW
GetACP
GetCurrentDirectoryA
GetCurrentProcessorNumber
GetFileSizeEx
GetFirmwareEnvironmentVariableW
GetModuleHandleExW
GetProcessHeaps
GetThreadSelectorEntry
GetProcAddress
GetModuleHandleA
SetCommConfig
SetCommTimeouts
SetEventWhenCallbackReturns
SetThreadpoolWait
WideCharToMultiByte
WaitForSingleObjectEx
GetLastError
SizeofResource
FindResourceA
MultiByteToWideChar
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
SleepEx
RtlUnwind
GetSystemDirectoryA
FreeLibrary
LoadLibraryA
QueryPerformanceCounter
GetTickCount
Sleep
CloseHandle
GetEnvironmentVariableA
SetLastError
FormatMessageW
VerSetConditionMask
VerifyVersionInfoW
MoveFileExA
CreateFileA
ReadFile
IsDebuggerPresent
OutputDebugStringW
GetStdHandle
GetModuleFileNameW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
FreeLibraryAndExitThread
ExitThread
EncodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateFileW
GetFileType
CreateThread

user32

LoadStringA
LoadStringW

ole32

OleCreateLink
CoFreeUnusedLibraries
CoDisconnectContext

bcrypt

BCryptGenRandom

Sections

.text
Size: 744KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5394409b09c8cee95b27a577389009ab

Code Sign

7c:f8:e1:0f:b5:db:50:9f:44:e8:f7:c0:9a:6d:e6:43Certificate

Signer

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

crypt32

normaliz

advapi32

kernel32

user32

ole32

bcrypt

Sections

.text Size: 744KB - Virtual size: 744KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 27KB - Virtual size: 33KB

.pdata Size: 22KB - Virtual size: 22KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

7c:f8:e1:0f:b5:db:50:9f:44:e8:f7:c0:9a:6d:e6:43
Certificate

.text
Size: 744KB - Virtual size: 744KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 27KB - Virtual size: 33KB

.pdata
Size: 22KB - Virtual size: 22KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB