7c0f4b16672611198415507e258e4930_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

7c0f4b16672611198415507e258e4930_NeikiAnalytics
Size

3.0MB
MD5

7c0f4b16672611198415507e258e4930
SHA1

efdf05261ff964870355a9537471657b8605a221
SHA256

a5e8bfcf74cfbb2b51ce833ed62559e41dde1c7fb68c7a3f6b5f0be9224035b5
SHA512

a8b684cd3347ded85d98d2671128742fa1b94134b962222f8e7fd658a125b956631ea79281ba43bc100c5f8393a6d5aebdf911f35e16193c396f82b9d2284189
SSDEEP

49152:szTuIGenN/hkvwTxmqugxa4FtMwAh1MlkuckCqNYVhsPGmt5XtVwKF9o:szTuIGENYwTxtJtMwY0XHNYgPGmtvt9o

Score

1^/10

Malware Config

Signatures

Files

7c0f4b16672611198415507e258e4930_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

b519c6b2538323c93569a401154abdd6

Code Sign

71:92:1e:f5:b4:48:91:b0:db:f2:00:ac:f8:e1:8b:af
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

14/01/2019, 00:00

Not After

30/10/2019, 23:59

Subject

CN=EBUN IT \,. LTD\,,O=EBUN IT \,. LTD\,,POSTALCODE=IG10 2DL\,,STREET=22-Langley ' Meadow..,L=LOUGHTON,ST=LOUGHTON,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

ImageList_GetIconSize
ImageList_Create
ImageList_AddMasked
InitCommonControlsEx
ImageList_LoadImageW
ord17
ImageList_Draw
ImageList_Add
PropertySheetW

kernel32

WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
DuplicateHandle
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCommandLineA
GetCPInfo
GetModuleHandleA
VirtualProtect
SetFileAttributesA
SearchPathA
TerminateThread
SetEndOfFile
CopyFileA
GetBinaryTypeW
OpenProcess
GetDiskFreeSpaceA
GlobalFlags
GetStringTypeW
RemoveDirectoryA
CreateMutexW
GetVersion
GetACP
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
GetModuleFileNameA
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
SetConsoleMode
LoadLibraryA
FreeLibrary
IsBadReadPtr
GetModuleHandleW
GetLastError
RaiseException
LeaveCriticalSection
GetExitCodeProcess
GetShortPathNameA
ResetEvent
MulDiv
GetSystemDirectoryW
FindResourceA
GetFileAttributesA
ResumeThread
GetTimeZoneInformation
CreateDirectoryA
GetStartupInfoA
GetTempPathA
DeleteFileA
GetProcAddress
ExitProcess
GetCurrentProcessId
lstrcmpiA
CloseHandle
GetVersionExA

user32

SendMessageA
MessageBoxA
GetClientRect
DrawTextA
SendMessageW
DispatchMessageW
GetSystemMenu
SetWindowLongW
DefWindowProcW
GetWindowLongA
ClientToScreen
RegisterClassExW
IsWindowVisible
CreatePopupMenu
GetSubMenu
SetWindowPos
CharNextW
CloseClipboard
OpenClipboard
EmptyClipboard
ReleaseDC
TrackPopupMenu
EnableMenuItem
GetWindowLongW
SetClassLongW
SetFocus
DestroyMenu
CharLowerBuffW
LoadMenuW
LoadStringW
AppendMenuW
CheckDlgButton
TranslateMessage
GetParent
LoadAcceleratorsW
TranslateAcceleratorW
GetClassInfoExW
IsWindowEnabled
InvalidateRect
SetCursor
DefWindowProcA
GetSysColor
EndPaint
BeginPaint
LoadBitmapA
GetClassNameW
DestroyWindow

gdi32

GetRgnBox
GetDeviceCaps
ScaleViewportExtEx
DeleteDC
SetViewportExtEx
CreateFontIndirectW
SelectObject
SaveDC
GetMapMode
SetTextColor
SetMapMode
DeleteObject
OffsetViewportOrgEx
RectVisible
GetDIBits
ExtTextOutW
TextOutW
GetClipBox
ScaleWindowExtEx
EnumFontsA
SetViewportOrgEx
GetBkColor
CreateBitmap
PtVisible
CreateBrushIndirect
CreateFontIndirectA
GetTextColor
CreateRectRgnIndirect
GetStockObject

advapi32

RegCreateKeyExA
AllocateLocallyUniqueId
RegEnumValueA
RegOpenKeyExW
EqualSid
RegCloseKey
LookupPrivilegeValueW
RegQueryValueW
RegDeleteValueA
LookupPrivilegeDisplayNameW
LookupPrivilegeNameA
AllocateAndInitializeSid
LookupPrivilegeNameW
InitializeSid
IsValidSid
RegCreateKeyExW
RegSetValueExA
RegDeleteKeyA
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegOpenKeyExA
OpenEventLogW
LookupAccountNameA
RegEnumKeyA

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 983KB - Virtual size: 983KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b519c6b2538323c93569a401154abdd6

Code Sign

71:92:1e:f5:b4:48:91:b0:db:f2:00:ac:f8:e1:8b:afCertificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 10KB - Virtual size: 177KB

.rsrc Size: 983KB - Virtual size: 983KB

71:92:1e:f5:b4:48:91:b0:db:f2:00:ac:f8:e1:8b:af
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 10KB - Virtual size: 177KB

.rsrc
Size: 983KB - Virtual size: 983KB