abd8d420f723d482846d1195abd8f2613abcbec49b13c2605815c6aaa6926e85_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

abd8d420f723d482846d1195abd8f2613abcbec49b13c2605815c6aaa6926e85_NeikiAnalytics.exe
Size

217KB
MD5

9ac955508550e352aaabdd6f6bd072f0
SHA1

5fd0e23e1eee8e086fca6522187292d0bc21244b
SHA256

abd8d420f723d482846d1195abd8f2613abcbec49b13c2605815c6aaa6926e85
SHA512

19c45afd0143b7b2c26dd7eec0ebb112da1382c453f432547153295b618b11d6f73e7ecde111a82c0fb59d797b3b51b9bcc6d27a042d7d868ce66ba262f24684
SSDEEP

6144:12hc2/AGsWnssWcsWYsW7sWWsWZsW2sWhsWksl2sWMsWGsWCsWLsWgsWmsWfsWxl:1UsWssWcsWYsW7sWWsWZsW2sWhsWksl5

Score

1^/10

Malware Config

Signatures

Files

abd8d420f723d482846d1195abd8f2613abcbec49b13c2605815c6aaa6926e85_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

689857464e2584a3f81fcd9dfbe335bc

Code Sign

0f:b5:f5:e0:22:b8:59:12:7a:2f:aa:4f:5d:a6:2e:9f
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/08/2023, 00:00

Not After

02/07/2025, 23:59

Subject

SERIALNUMBER=HE 340361,CN=Movavi Software Limited,O=Movavi Software Limited,L=Agios Athanasios,C=CY,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024359

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:3f:32:45:af:d9:2c:42:a7:d1:56:d4:57:ce:a8:85:d4:f9:96:dd:82:49:f3:ae:93:38:cf:8b:3f:49:e6:f7
Signer

Actual PE Digest

28:3f:32:45:af:d9:2c:42:a7:d1:56:d4:57:ce:a8:85:d4:f9:96:dd:82:49:f3:ae:93:38:cf:8b:3f:49:e6:f7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\.conan\4a073c\1\qtquickcontrols2\qml\QtQuick\Controls.2\Fusion\qtquickcontrols2fusionstyleplugin.pdb

Imports

qt5quick

?qt_metacall@QQuickPaintedItem@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QQuickPaintedItem@@UEAAPEAXPEBD@Z
?staticMetaObject@QQuickPaintedItem@@2UQMetaObject@@B
?isEnabled@QQuickItem@@QEBA_NXZ
?windowDeactivateEvent@QQuickItem@@MEAAXXZ
?wheelEvent@QQuickItem@@MEAAXPEAVQWheelEvent@@@Z
?updatePolish@QQuickItem@@MEAAXXZ
?updatePaintNode@QQuickPaintedItem@@MEAAPEAVQSGNode@@PEAV2@PEAUUpdatePaintNodeData@QQuickItem@@@Z
?touchUngrabEvent@QQuickItem@@MEAAXXZ
?touchEvent@QQuickItem@@MEAAXPEAVQTouchEvent@@@Z
?textureProvider@QQuickPaintedItem@@UEBAPEAVQSGTextureProvider@@XZ
?releaseResources@QQuickPaintedItem@@MEAAXXZ
?mouseUngrabEvent@QQuickItem@@MEAAXXZ
?mouseReleaseEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?mousePressEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?mouseMoveEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?mouseDoubleClickEvent@QQuickItem@@MEAAXPEAVQMouseEvent@@@Z
?keyReleaseEvent@QQuickItem@@MEAAXPEAVQKeyEvent@@@Z
?keyPressEvent@QQuickItem@@MEAAXPEAVQKeyEvent@@@Z
?isTextureProvider@QQuickPaintedItem@@UEBA_NXZ
?width@QQuickItem@@QEBANXZ
?inputMethodEvent@QQuickItem@@MEAAXPEAVQInputMethodEvent@@@Z
?hoverMoveEvent@QQuickItem@@MEAAXPEAVQHoverEvent@@@Z
?hoverLeaveEvent@QQuickItem@@MEAAXPEAVQHoverEvent@@@Z
?hoverEnterEvent@QQuickItem@@MEAAXPEAVQHoverEvent@@@Z
?geometryChanged@QQuickItem@@MEAAXAEBVQRectF@@0@Z
?focusOutEvent@QQuickItem@@MEAAXPEAVQFocusEvent@@@Z
?focusInEvent@QQuickItem@@MEAAXPEAVQFocusEvent@@@Z
?event@QQuickItem@@MEAA_NPEAVQEvent@@@Z
?dropEvent@QQuickItem@@MEAAXPEAVQDropEvent@@@Z
?dragMoveEvent@QQuickItem@@MEAAXPEAVQDragMoveEvent@@@Z
?dragLeaveEvent@QQuickItem@@MEAAXPEAVQDragLeaveEvent@@@Z
?dragEnterEvent@QQuickItem@@MEAAXPEAVQDragEnterEvent@@@Z
?contains@QQuickItem@@UEBA_NAEBVQPointF@@@Z
?componentComplete@QQuickItem@@MEAAXXZ
?clipRect@QQuickItem@@UEBA?AVQRectF@@XZ
?classBegin@QQuickItem@@MEAAXXZ
?childMouseEventFilter@QQuickItem@@MEAA_NPEAV1@PEAVQEvent@@@Z
?boundingRect@QQuickItem@@UEBA?AVQRectF@@XZ
?itemChange@QQuickPaintedItem@@MEAAXW4ItemChange@QQuickItem@@AEBTItemChangeData@3@@Z
?update@QQuickPaintedItem@@QEAAXAEBVQRect@@@Z
??1QQuickPaintedItem@@UEAA@XZ
??0QQuickPaintedItem@@QEAA@PEAVQQuickItem@@@Z
?setVisible@QQuickItem@@QEAAX_N@Z
?isVisible@QQuickItem@@QEBA_NXZ
?height@QQuickItem@@QEBANXZ
?inputMethodQuery@QQuickItem@@UEBA?AVQVariant@@W4InputMethodQuery@Qt@@@Z

qt5gui

?setRenderHint@QPainter@@QEAAXW4RenderHint@1@_N@Z
??0QColor@@QEAA@HHHH@Z
?setAlpha@QColor@@QEAAXH@Z
?hue@QColor@@QEBAHXZ
?saturation@QColor@@QEBAHXZ
?value@QColor@@QEBAHXZ
?setHsv@QColor@@QEAAXHHHH@Z
?lighter@QColor@@QEBA?AV1@H@Z
?darker@QColor@@QEBA?AV1@H@Z
?color@QBrush@@QEBAAEBVQColor@@XZ
??0QRadialGradient@@QEAA@NNNNN@Z
??1QRadialGradient@@QEAA@XZ
??0QPalette@@QEAA@XZ
??0QPalette@@QEAA@AEBV0@@Z
??1QPalette@@QEAA@XZ
??4QPalette@@QEAAAEAV0@AEBV0@@Z
?brush@QPalette@@QEBAAEBVQBrush@@W4ColorGroup@1@W4ColorRole@1@@Z
??8QPalette@@QEBA_NAEBV0@@Z
??0QPen@@QEAA@AEBVQColor@@@Z
?setPen@QPainter@@QEAAXAEBVQColor@@@Z
?setPen@QPainter@@QEAAXW4PenStyle@Qt@@@Z
?setBrush@QPainter@@QEAAXAEBVQBrush@@@Z
?setBrush@QPainter@@QEAAXW4BrushStyle@Qt@@@Z
?drawEllipse@QPainter@@QEAAXAEBVQRectF@@@Z
?setAlphaF@QColor@@QEAAXN@Z
?color@QPalette@@QEBAAEBVQColor@@W4ColorRole@1@@Z
?red@QColor@@QEBAHXZ
?green@QColor@@QEBAHXZ
?blue@QColor@@QEBAHXZ
?setRed@QColor@@QEAAXH@Z
?setGreen@QColor@@QEAAXH@Z
?setBlue@QColor@@QEAAXH@Z
?rgb@QColor@@QEBAIXZ
?setHsl@QColor@@QEAAXHHHH@Z
?fromRgb@QColor@@SA?AV1@I@Z
?setBrush@QPalette@@QEAAXW4ColorGroup@1@W4ColorRole@1@AEBVQBrush@@@Z
??4QPalette@@QEAAAEAV0@$$QEAV0@@Z
?translate@QPainter@@QEAAXAEBVQPointF@@@Z
?setPen@QPainter@@QEAAXAEBVQPen@@@Z
??1QPen@@QEAA@XZ
??0QPen@@QEAA@AEBVQBrush@@NW4PenStyle@Qt@@W4PenCapStyle@3@W4PenJoinStyle@3@@Z
??1QConicalGradient@@QEAA@XZ
??0QConicalGradient@@QEAA@XZ
?setColorAt@QGradient@@QEAAXNAEBVQColor@@@Z
??1QBrush@@QEAA@XZ
??0QBrush@@QEAA@AEBVQGradient@@@Z
??0QBrush@@QEAA@AEBVQColor@@W4BrushStyle@Qt@@@Z
??8QColor@@QEBA_NAEBV0@@Z
??4QColor@@QEAAAEAV0@AEBV0@@Z
??0QColor@@QEAA@W4GlobalColor@Qt@@@Z
??0QColor@@QEAA@XZ
?drawArc@QPainter@@QEAAXAEBVQRectF@@HH@Z
?setCenter@QConicalGradient@@QEAAXAEBVQPointF@@@Z

qt5qml

?initializeEngine@QQmlExtensionPlugin@@UEAAXPEAVQQmlEngine@@PEBD@Z
?qmlregister@QQmlPrivate@@YAHW4RegistrationType@1@PEAX@Z
?qdeclarativeelement_destructor@QQmlPrivate@@YAXPEAVQObject@@@Z
?qmlRegisterModule@@YAXPEBDHH@Z

qt5core

?qt_metacall@QObject@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QObject@@UEAAPEAXPEBD@Z
?staticMetaObject@QObject@@2UQMetaObject@@B
?qResourceFeatureZlib@@YAEXZ
?qUnregisterResourceData@@YA_NHPEBE00@Z
?qRegisterResourceData@@YA_NHPEBE00@Z
?isRelative@QUrl@@QEBA_NXZ
??1QUrl@@QEAA@XZ
??0QUrl@@QEAA@AEBV0@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?registerNormalizedTypedef@QMetaType@@SAHAEBVQByteArray@@H@Z
?registerNormalizedType@QMetaType@@SAHAEBVQByteArray@@P6AXPEAX@ZP6APEAX1PEBX@ZHV?$QFlags@W4TypeFlag@QMetaType@@@@PEBUQMetaObject@@@Z
??1QString@@QEAA@XZ
??0QString@@QEAA@XZ
?append@QByteArray@@QEAAAEAV1@PEBD@Z
?append@QByteArray@@QEAAAEAV1@D@Z
??BQByteArray@@QEBAPEBDXZ
?reserve@QByteArray@@QEAAXH@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
??1QObject@@UEAA@XZ
??0QObject@@QEAA@PEAV0@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?className@QMetaObject@@QEBAPEBDXZ
??0QMessageLogger@@QEAA@PEBDH0@Z
??0QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??0QByteArray@@QEAA@AEBV0@@Z
??1QByteArray@@QEAA@XZ

qt5quicktemplates2

?setPalette@QQuickTheme@@QEAAXW4Scope@1@AEBVQPalette@@@Z

qt5quickcontrols2

?resolvedUrl@QQuickStylePlugin@@QEBA?AVQUrl@@AEBVQString@@@Z
??1QQuickStylePlugin@@UEAA@XZ
??0QQuickStylePlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QQuickStylePlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QQuickStylePlugin@@UEAAPEAXPEBD@Z
?staticMetaObject@QQuickStylePlugin@@2UQMetaObject@@B
?isDarkSystemTheme@QQuickStylePrivate@@SA_NXZ

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead

vcruntime140

memcpy
__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_register_onexit_function

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

689857464e2584a3f81fcd9dfbe335bc

Code Sign

0f:b5:f5:e0:22:b8:59:12:7a:2f:aa:4f:5d:a6:2e:9fCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

28:3f:32:45:af:d9:2c:42:a7:d1:56:d4:57:ce:a8:85:d4:f9:96:dd:82:49:f3:ae:93:38:cf:8b:3f:49:e6:f7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

qt5quick

qt5gui

qt5qml

qt5core

qt5quicktemplates2

qt5quickcontrols2

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 179KB - Virtual size: 178KB

.data Size: 3KB - Virtual size: 4KB

.pdata Size: 2KB - Virtual size: 1KB

.qtmetad Size: 512B - Virtual size: 133B

.rsrc Size: 1024B - Virtual size: 888B

.reloc Size: 1024B - Virtual size: 860B

0f:b5:f5:e0:22:b8:59:12:7a:2f:aa:4f:5d:a6:2e:9f
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

28:3f:32:45:af:d9:2c:42:a7:d1:56:d4:57:ce:a8:85:d4:f9:96:dd:82:49:f3:ae:93:38:cf:8b:3f:49:e6:f7
Signer

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 179KB - Virtual size: 178KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 2KB - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 133B

.rsrc
Size: 1024B - Virtual size: 888B

.reloc
Size: 1024B - Virtual size: 860B