Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Static task: static1
Behavioral task: behavioral1
Sample: 7074bbad75d2bd82d0e7782dfad5596ccd65f0897ce0e130f3ab4b18a498dfc0_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 7074bbad75d2bd82d0e7782dfad5596ccd65f0897ce0e130f3ab4b18a498dfc0_NeikiAnalytics.exe
Resource: win10v2004-20240611-en
Target: 7074bbad75d2bd82d0e7782dfad5596ccd65f0897ce0e130f3ab4b18a498dfc0_NeikiAnalytics.exe
Size: 661KB
MD5: b6a3be7875447fbf50cb9a47c643bee0
SHA1: 5915886d6ef3dfe702ac807a27f05a4f5100ee6c
SHA256: 7074bbad75d2bd82d0e7782dfad5596ccd65f0897ce0e130f3ab4b18a498dfc0
SHA512: 156398f72516274ac82670e9bef2da0593218334593144892497edb4c9b1bdae70a8daac18b28b72bb3696f8885c356274836bf4b24e91c1dc3b362c36774aeb
SSDEEP: 6144:U3ROyeSo7/7V2EeyPkWocAJ4NX/6+3YJjDUu+sprAWSmxCPn9P74rO2X69/qeanj:Uk76hljSiAWzMPnBJTvhywxWRqhC
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
D:\out_x64\Qt\qt_src_6.5.3\qtbase\bin\QtWebEngineProcess.pdb
QueryDosDeviceW
GetLongPathNameW
GetFileAttributesW
SetCurrentDirectoryW
RtlCaptureStackBackTrace
FormatMessageA
GetLocalTime
OutputDebugStringA
GetCurrentDirectoryW
GetModuleHandleExW
QueryThreadCycleTime
UnmapViewOfFile
GetSystemTimeAsFileTime
QueryPerformanceFrequency
QueryPerformanceCounter
RtlVirtualUnwind
RtlLookupFunctionEntry
TlsGetValue
WideCharToMultiByte
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
AcquireSRWLockExclusive
CreateNamedPipeW
WriteFile
GetCommandLineW
GetProcessHeaps
SetThreadAffinityMask
VirtualFree
GetCurrentProcessorNumber
HeapSetInformation
SetUnhandledExceptionFilter
GetThreadId
TlsFree
TlsAlloc
GetThreadPriority
SetThreadPriority
GetCurrentThread
Sleep
RaiseException
IsDebuggerPresent
TlsSetValue
SetHandleInformation
GetFileType
FreeLibrary
AssignProcessToJobObject
MapViewOfFile
CreateFileMappingW
WriteProcessMemory
ReadProcessMemory
CreateFileW
LocalFree
LoadLibraryW
GetModuleHandleA
GetModuleFileNameW
IsWow64Process
GetNativeSystemInfo
GetVersionExW
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
InitializeProcThreadAttributeList
LoadLibraryExW
UnregisterWaitEx
ExpandEnvironmentStringsW
GetProcAddress
GetModuleHandleW
VirtualAlloc
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
EnumSystemLocalesEx
GetUserDefaultLocaleName
GetUserDefaultLCID
GetUserDefaultLangID
GetTickCount
HeapDestroy
TerminateProcess
UnregisterWait
RegisterWaitForSingleObject
SetInformationJobObject
TerminateJobObject
GetCurrentThreadId
CreateThread
GetCurrentProcess
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
DuplicateHandle
SetLastError
CloseHandle
CreateMutexW
GetProcessHandleCount
VirtualAllocEx
VirtualProtectEx
VirtualFreeEx
CreateJobObjectW
QueryInformationJobObject
GetSystemInfo
InitializeSRWLock
ReleaseSRWLockShared
AcquireSRWLockShared
InitOnceExecuteOnce
DebugBreak
lstrlenW
CreateRemoteThread
GetLogicalProcessorInformation
RtlCaptureContext
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
GetProductInfo
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
OpenProcess
GetCurrentProcessId
GetLastError
_Thrd_yield
_Xtime_get_ticks
_Mtx_lock
_Mtx_unlock
memset
memcpy
_purecall
memcmp
__C_specific_handler
memmove
memchr
strrchr
strstr
strchr
__current_exception
__current_exception_context
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler4
free
_set_new_mode
_callnewh
realloc
malloc
_seh_filter_exe
_set_app_type
terminate
_crt_atexit
abort
_errno
_configure_narrow_argv
_initialize_narrow_environment
_get_narrow_winmain_command_line
_initterm
_initterm_e
exit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
_register_onexit_function
_exit
_invoke_watson
_invalid_parameter_noinfo_noreturn
round
ceilf
exp
log
floor
ceil
__setusermatherr
__p__commode
_set_fmode
__acrt_iob_func
_write
__stdio_common_vfprintf
__stdio_common_vsnprintf_s
__stdio_common_vsnwprintf_s
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vswprintf
isxdigit
_wcsdup
wcscmp
_wcsnicmp
_wcsicmp
_strdup
getenv
_configthreadlocale
AdjustTokenPrivileges
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegDisablePredefinedCache
RegCloseKey
RevertToSelf
CreateWellKnownSid
EqualSid
GetLengthSid
GetSidSubAuthority
InitializeSid
IsValidSid
ConvertSidToStringSidW
ConvertStringSidToSidW
SetEntriesInAclW
GetNamedSecurityInfoW
SetSecurityInfo
BuildTrusteeWithSidW
CreateProcessAsUserW
SetThreadToken
OpenProcessToken
DuplicateToken
GetTokenInformation
AccessCheck
DuplicateTokenEx
GetAce
GetKernelObjectSecurity
GetSecurityDescriptorSacl
MapGenericMask
SetKernelObjectSecurity
SetTokenInformation
InitializeAcl
EventRegister
EventUnregister
EventWrite
AddMandatoryAce
GetSecurityInfo
GetSecurityDescriptorDacl
SystemFunction036
FreeSid
ImpersonateLoggedOnUser
CreateRestrictedToken
LookupPrivilegeValueW
CommandLineToArgvW
GetProcessWindowStation
SetProcessWindowStation
CreateWindowStationW
CreateDesktopW
GetUserObjectInformationW
GetThreadDesktop
CloseWindowStation
CloseDesktop
timeGetTime
CoTaskMemFree
GetHandleVerifier
IsSandboxedProcess
TargetCreateNamedPipeW
TargetCreateNamedPipeW64
TargetCreateThread
TargetCreateThread64
TargetGdiDllInitialize
TargetGdiDllInitialize64
TargetGetStockObject
TargetGetStockObject64
TargetNtCreateFile
TargetNtCreateFile64
TargetNtCreateSection
TargetNtCreateSection64
TargetNtMapViewOfSection
TargetNtMapViewOfSection64
TargetNtOpenFile
TargetNtOpenFile64
TargetNtOpenProcess
TargetNtOpenProcess64
TargetNtOpenProcessToken
TargetNtOpenProcessToken64
TargetNtOpenProcessTokenEx
TargetNtOpenProcessTokenEx64
TargetNtOpenThread
TargetNtOpenThread64
TargetNtOpenThreadToken
TargetNtOpenThreadToken64
TargetNtOpenThreadTokenEx
TargetNtOpenThreadTokenEx64
TargetNtQueryAttributesFile
TargetNtQueryAttributesFile64
TargetNtQueryFullAttributesFile
TargetNtQueryFullAttributesFile64
TargetNtSetInformationFile
TargetNtSetInformationFile64
TargetNtSetInformationThread
TargetNtSetInformationThread64
TargetNtUnmapViewOfSection
TargetNtUnmapViewOfSection64
TargetRegisterClassW
TargetRegisterClassW64
g_current_mitigations
g_handles_to_close
g_interceptions
g_nt
g_originals
g_sentinel_value_end
g_sentinel_value_start
g_shared_IPC_size
g_shared_delayed_integrity_level
g_shared_delayed_mitigations
g_shared_policy_size
g_shared_section
g_shared_startup_mitigations
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ