91a0874470ecd2e4c2112fcf9b59d600_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

91a0874470ecd2e4c2112fcf9b59d600_NeikiAnalytics.exe
Size

2.6MB
MD5

91a0874470ecd2e4c2112fcf9b59d600
SHA1

925983b037c1fd696fa964e3b424e942c6acc48a
SHA256

b37eba3e7356b26f0c8fbfa0fe420ccd19865968228be53adb6f3576dca35d3e
SHA512

3c2146ba73ac44182165e92850f88c554b016de578e2cfddb810eb7388be12fbf0ec1b9f114c68f7889c7f2dbaaa76fae5bc3d2fdc1405d6f2cc38c0616dee45
SSDEEP

49152:Qcfh/N6lw6DSO/Ewt+jJH+J5CE0uKihkSMhnBcEQpiKTXSQo5QrXlglGI2AA4SVJ:x0pDSblH+JECK9SMhnPQpimXSQo5QrXj

Score

1^/10

Malware Config

Signatures

Files

91a0874470ecd2e4c2112fcf9b59d600_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

65c8876f4bfa91ea83c23e2389c2385a

Code Sign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

95:7c:45:b5:ff:fd:97:f4
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

01/07/2015, 02:00

Not After

01/07/2016, 02:00

Subject

CN=Cellica Software Pvt Ltd,O=Cellica Software Pvt Ltd,L=Jalgaon,ST=Maharashtra,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

67:0a:fa:89:f3:4c:1a:38:e6:36:1a:16:17:2c:3a:65:9a:87:65:eb
Signer

Actual PE Digest

67:0a:fa:89:f3:4c:1a:38:e6:36:1a:16:17:2c:3a:65:9a:87:65:eb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Yogesh Current_Work\Desktop Side\Cellica Database Anywhere\Single User\Current work\Desktop\SyncService\WIFI\CellicaDBAnywhereSyncService.pdb

Imports

ws2_32

send
recv
socket
inet_ntoa
gethostname
connect
WSAStartup
htons
closesocket
gethostbyname
WSACleanup
WSAGetLastError

odbc32

ord171
ord68
ord31
ord26
ord108
ord30
ord12
ord119
ord176
ord24
ord127
ord18
ord43
ord13
ord4
ord111
ord136
ord152
ord16
ord165
ord140
ord61
ord139
ord75
ord9
ord107
ord154
ord157
ord49
ord48
ord78
ord145
ord72

wininet

InternetCrackUrlW
InternetSetOptionExW
HttpOpenRequestW
InternetConnectW
HttpSendRequestW
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetQueryDataAvailable

kernel32

CreateSemaphoreW
ReleaseSemaphore
FileTimeToSystemTime
ReleaseActCtx
lstrcmpW
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GlobalDeleteAtom
lstrcmpA
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
LocalReAlloc
GlobalGetAtomNameW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
GlobalFlags
SetThreadPriority
ResumeThread
GetCurrentDirectoryW
lstrcpyW
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GlobalAddAtomW
GlobalFindAtomW
FreeResource
GetTempFileNameW
GetTempPathW
GetWindowsDirectoryW
GetNumberFormatW
GetProfileIntW
SearchPathW
VirtualProtect
FindResourceExW
GetFullPathNameW
GetVolumeInformationW
FindClose
DuplicateHandle
UnlockFile
LockFile
ActivateActCtx
DeactivateActCtx
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
SetEnvironmentVariableA
CompareStringW
WriteConsoleW
SetEndOfFile
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
InterlockedExchange
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
ReadFile
GetConsoleMode
GetConsoleCP
LCMapStringW
GetTimeZoneInformation
SetFilePointer
GetStartupInfoW
SetHandleCount
GetFileType
SetStdHandle
GetStringTypeW
IsValidCodePage
GetOEMCP
GetACP
FileTimeToLocalFileTime
GetLocaleInfoW
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
HeapCreate
GetModuleFileNameW
GetStdHandle
WriteFile
IsProcessorFeaturePresent
ExitProcess
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapSetInformation
GetCommandLineW
LeaveCriticalSection
EnterCriticalSection
CreateThread
ExitThread
GetSystemTimeAsFileTime
GetFileAttributesW
HeapSize
HeapReAlloc
IsDebuggerPresent
UnhandledExceptionFilter
SetConsoleCtrlHandler
RaiseException
DecodePointer
EncodePointer
RtlUnwind
GetModuleHandleA
GetSystemDirectoryA
CreateFileA
GetFileSize
MoveFileExA
GetModuleFileNameA
LocalAlloc
LocalLock
LocalUnlock
LoadLibraryA
Module32FirstW
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
Process32NextW
CopyFileW
GetModuleHandleW
GetSystemInfo
lstrcmpiW
SetErrorMode
Sleep
WaitForSingleObject
HeapAlloc
UnmapViewOfFile
GetProcessHeap
HeapFree
GetVersionExW
GetLastError
CreateFileMappingW
MapViewOfFile
SetLastError
FormatMessageW
LocalFree
WideCharToMultiByte
CreateDirectoryW
GetLocalTime
MultiByteToWideChar
lstrlenW
TerminateProcess
LoadLibraryW
CreateFileW
GetCurrentThreadId
GetProcAddress
GetCurrentProcess
GetCurrentProcessId
FreeLibrary
SetUnhandledExceptionFilter
MoveFileW
FindFirstFileW
DeleteFileW
SetEvent
WaitForMultipleObjects
CloseHandle
CreateEventW
LoadResource
LockResource
SizeofResource
FindResourceW
FindNextFileW
lstrlenA
GetCPInfo
HeapQueryInformation
VirtualAlloc
VirtualQuery
GetDriveTypeW

user32

EndDialog
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
WaitMessage
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
GetNextDlgGroupItem
LoadImageW
CopyImage
GetIconInfo
GetNextDlgTabItem
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
BringWindowToTop
SetCursorPos
SetRect
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
MapVirtualKeyW
ToUnicodeEx
CopyAcceleratorTableW
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
MessageBeep
ReleaseCapture
SetCapture
GetSystemMenu
LoadMenuW
SetClassLongW
GetAsyncKeyState
NotifyWinEvent
WindowFromPoint
CreatePopupMenu
DestroyAcceleratorTable
SetParent
RedrawWindow
SetWindowRgn
IsZoomed
IsIconic
OffsetRect
IsRectEmpty
DestroyMenu
GetMenuItemInfoW
IntersectRect
InflateRect
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetMessagePos
CreateDialogIndirectParamW
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
CallWindowProcW
GetMenu
DestroyIcon
GetClassInfoW
DefWindowProcW
MapWindowPoints
GetClientRect
SetLayeredWindowAttributes
EnumDisplayMonitors
SystemParametersInfoW
GetMonitorInfoW
SetRectEmpty
CopyRect
KillTimer
SetTimer
InvalidateRect
UpdateWindow
DeleteMenu
ShowOwnedPopups
SetCursor
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
SetWindowPos
ShowWindow
MoveWindow
SetWindowLongW
IsWindow
IsDialogMessageW
SendDlgItemMessageW
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
RegisterClipboardFormatW
CopyIcon
CharUpperBuffW
GetDoubleClickTime
IsCharLowerW
GetKeyNameTextW
MapVirtualKeyExW
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetDlgItem
CheckDlgButton
GetScrollPos
SetScrollPos
SetFocus
GetFocus
RealChildWindowFromPoint
ClientToScreen
GetWindow
GetWindowRgn
MonitorFromWindow
GetDlgCtrlID
GetWindowRect
GetClassNameW
PtInRect
SetWindowTextW
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetDesktopWindow
PostMessageW
PostQuitMessage
UnhookWindowsHookEx
GetWindowTextLengthW
GetWindowTextW
CharUpperW
GetSystemMetrics
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
MessageBoxA
wsprintfW
GetMessageTime

gdi32

GetTextColor
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
PatBlt
GetRgnBox
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
GetPixel
FrameRgn
GetWindowExtEx
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
CombineRgn
SetRectRgn
BitBlt
FillRgn
GetTextCharsetInfo
EnumFontFamiliesW
GetTextMetricsW
CreateRectRgnIndirect
CreateCompatibleBitmap
GetViewportExtEx
GetObjectW
CreateRectRgn
SelectClipRgn
SetLayout
GetLayout
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
SetBkMode
SetBkColor
RestoreDC
SaveDC
DeleteObject
CreateDCW
CopyMetaFileW
GetBkColor
CreatePolygonRgn
CreateRoundRectRgn
CreateDIBSection
GetTextExtentPoint32W
GetBoundsRect
GetDeviceCaps
CreateFontIndirectW
CreateDIBitmap
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateCompatibleDC
CreateBitmap
CreatePatternBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DPtoLP

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegCreateKeyExW
SetKernelObjectSecurity
GetKernelObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegEnumValueW
RegEnumKeyW
RegQueryValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyW
RegCreateKeyW
FreeSid
RegSetValueExW
RegFlushKey
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
IsValidSecurityDescriptor
GetSecurityDescriptorOwner
SetSecurityDescriptorOwner
GetSecurityDescriptorGroup
SetSecurityDescriptorGroup
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
GetSecurityDescriptorDacl

shell32

SHAppBarMessage
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish
SHGetSpecialFolderLocation

comctl32

ImageList_GetIconSize

shlwapi

PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathRemoveFileSpecW

ole32

CoInitializeEx
CoCreateGuid
CLSIDFromProgID
OleRun
CoInitialize
CoUninitialize
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CoCreateInstance
CLSIDFromString
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleLockRunning
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
DoDragDrop

oleaut32

VariantInit
VariantClear
VarR8FromCy
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocStringLen
VarBstrFromDate
SysAllocString
SysFreeString
VarR8FromDec

gdiplus

GdipFree
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundW

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65c8876f4bfa91ea83c23e2389c2385a

Code Sign

07Certificate

Key Usages

95:7c:45:b5:ff:fd:97:f4Certificate

Extended Key Usages

Key Usages

67:0a:fa:89:f3:4c:1a:38:e6:36:1a:16:17:2c:3a:65:9a:87:65:ebSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

odbc32

wininet

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 461KB - Virtual size: 460KB

.data Size: 32KB - Virtual size: 63KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 187KB - Virtual size: 187KB

07
Certificate

95:7c:45:b5:ff:fd:97:f4
Certificate

67:0a:fa:89:f3:4c:1a:38:e6:36:1a:16:17:2c:3a:65:9a:87:65:eb
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 461KB - Virtual size: 460KB

.data
Size: 32KB - Virtual size: 63KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 187KB - Virtual size: 187KB