9320a66eef8cf9fb34c438d444f5407660d8a7761cc68db6ed9b32f903066146_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9320a66eef8cf9fb34c438d444f5407660d8a7761cc68db6ed9b32f903066146_NeikiAnalytics.exe
Size

188KB
MD5

dde5b7f090db836a318568adc9aeb510
SHA1

dacea510534e643aaff3b7dc09f1f9fe2b33dea1
SHA256

9320a66eef8cf9fb34c438d444f5407660d8a7761cc68db6ed9b32f903066146
SHA512

ea6d55f988514dfbb423c275caa3e48695bb2eb35fe22faf97efc3100c46c0ca4a19032fb8e84e73a70833a9f3317a0d11628a23f79e3941d21e3699bef7e1ad
SSDEEP

3072:1ryFYFpMC+A1uEO/g/OJglmkZK6thJYPKxvSFY7DC:1eFYFpu4uEOTlAYH4C

Score

1^/10

Malware Config

Signatures

Files

9320a66eef8cf9fb34c438d444f5407660d8a7761cc68db6ed9b32f903066146_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

2fa10c87179cde6ed89146ca8df21f45

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0e:14:6e:06:31:e8:0e:5f:85:e2:cf:f9:e8:7f:43:3d
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17-06-2021 00:00

Not After

21-06-2024 23:59

Subject

CN=THALES DIS FRANCE SA,OU=BPS,O=THALES DIS FRANCE SA,L=Meudon,C=FR,1.2.840.113549.1.9.1=#0c174e49532e537570706f72744067656d616c746f2e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3b:5b:52:63:0a:e1:de:e3:45:04:bc:2e:28:95:81:3c:2f:7d:7b:03:62:6d:3b:d4:05:60:58:be:d4:5e:ae:75
Signer

Actual PE Digest

3b:5b:52:63:0a:e1:de:e3:45:04:bc:2e:28:95:81:3c:2f:7d:7b:03:62:6d:3b:d4:05:60:58:be:d4:5e:ae:75

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\ProgramData\Jenkins\.jenkins\workspace\eSigner6x-Folder\Windows\Builds\Win-BuildNB-eSigner6x\lib\Release\Win32\eSignerJava.pdb

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryA
GetModuleFileNameA
VirtualQuery
GetModuleFileNameW
SetEndOfFile
CreateFileW
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcessHeap
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
SetLastError
GetFileType
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
ReadFile
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
RtlUnwind
RaiseException
CloseHandle
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
GetStringTypeW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
CompareStringW
LCMapStringW
ReadConsoleW
SetStdHandle
WriteConsoleW
SetEnvironmentVariableA

user32

MessageBoxA

Exports

Exports

_Java_com_identrus_isil_Signature_AddToBuffer@24
_Java_com_identrus_isil_Signature_FreeBuffer@16
_Java_com_identrus_isil_Signature_esDestroy@8
_Java_com_identrus_isil_Signature_esInit@8
_Java_com_identrus_isil_Signature_esRequestIdentitySignatureFromBuffer@24
_Java_com_identrus_isil_Signature_esRequestIdentitySignature__@8
_Java_com_identrus_isil_Signature_esRequestIdentitySignature___3BLjava_lang_String_2Ljava_lang_String_2@20
_Java_com_identrus_isil_Signature_esRequestUtilitySignature@12

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fa10c87179cde6ed89146ca8df21f45

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

0e:14:6e:06:31:e8:0e:5f:85:e2:cf:f9:e8:7f:43:3dCertificate

Extended Key Usages

Key Usages

3b:5b:52:63:0a:e1:de:e3:45:04:bc:2e:28:95:81:3c:2f:7d:7b:03:62:6d:3b:d4:05:60:58:be:d4:5e:ae:75Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 7KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

0e:14:6e:06:31:e8:0e:5f:85:e2:cf:f9:e8:7f:43:3d
Certificate

3b:5b:52:63:0a:e1:de:e3:45:04:bc:2e:28:95:81:3c:2f:7d:7b:03:62:6d:3b:d4:05:60:58:be:d4:5e:ae:75
Signer

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 7KB