Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Behavioral task
behavioral1
Sample
6bfc3b899d03bdf8e878ee8a69128090ca8f69cd2f6c65ec0d619a1300a52236_NeikiAnalytics.dll
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
6bfc3b899d03bdf8e878ee8a69128090ca8f69cd2f6c65ec0d619a1300a52236_NeikiAnalytics.dll
Resource
win10v2004-20240508-en
Target
6bfc3b899d03bdf8e878ee8a69128090ca8f69cd2f6c65ec0d619a1300a52236_NeikiAnalytics.exe
Size
61KB
MD5
3212f688e01fb3ec8396d57a2cfe09b0
SHA1
5fcb3ed8716a701ba4c46a77eba00a8608eb05ec
SHA256
6bfc3b899d03bdf8e878ee8a69128090ca8f69cd2f6c65ec0d619a1300a52236
SHA512
b675276a91eb24d443480add3380785bc9a5f0960c99f8a9bf2ded800e896d138f6ce9c409693d0075e26d7c27ab266c6e88e64f96c5805a78eda27a11235bff
SSDEEP
768:m8b0EhpFJdaO2168VodxWAEMoGOz4bm1FzKF9bObNr7zybLwbuycMEpYinAMxgmj:mQNpF3Sl/3SKQtary3JyW7Hxgmj
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
Processes:
resource | yara_rule |
---|---|
sample | agile_net |
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
c:\GitCertiHuella\certihuellaCerticamara\CertihuellaAPIDotNetSoapWsSecurity\ClienteCertiHuellaSoapAPI_Sha256\ClienteCertiHuellaSoapAPI\obj\Debug\ClienteCertiHuellaSoapAPI.pdb
_CorDllMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ