38b71c48c8d45cae9f51d951668feb6292b674b81c7c753dd165e2382adbd863_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

38b71c48c8d45cae9f51d951668feb6292b674b81c7c753dd165e2382adbd863_NeikiAnalytics.exe
Size

172KB
MD5

8be08fcf198d72bf58b9a685168af7f0
SHA1

1353d15fd9b4abb3a8f76825c57dde31259ffafd
SHA256

38b71c48c8d45cae9f51d951668feb6292b674b81c7c753dd165e2382adbd863
SHA512

8a572cf5332eb9ca754281b585f479b19d935caf23d85175d92a7c8fa9928b1e00dfd510ea9aa1f03ff5548c1206233e82ce0a7979d222dad63cc3ea08f3c1fc
SSDEEP

3072:5UqclKhL87y6B0b8rlsxCzCvTROpvBWUhRLhzyUkpKVw40dOAz54US:+Tl+p6B0b8rlsxCzClOpvrOUrVJIOAz0

Score

1^/10

Malware Config

Signatures

Files

38b71c48c8d45cae9f51d951668feb6292b674b81c7c753dd165e2382adbd863_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

064981e3899228bc2be5a6ede351adc3

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:d8:d1:e4:8d:2d:9e:fd:c0:2c:22:43:5c:f1:68:03
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/09/2022, 00:00

Not After

30/08/2024, 23:59

Subject

SERIALNUMBER=9133010076822698XU,CN=Shining 3D Tech Co.\, Ltd.,O=Shining 3D Tech Co.\, Ltd.,L=Hangzhou,ST=Zhejiang,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130848616e677a686f75,1.3.6.1.4.1.311.60.2.1.2=#13085a68656a69616e67,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7a:99:97:86:22:97:b5:b0:ad:f6:88:00:26:6b:25:a3:4b:27:8c:7a:8c:6f:a6:88:77:94:ba:89:b9:85:df:b7
Signer

Actual PE Digest

7a:99:97:86:22:97:b5:b0:ad:f6:88:00:26:6b:25:a3:4b:27:8c:7a:8c:6f:a6:88:77:94:ba:89:b9:85:df:b7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\shining3DSourcesn\shining3DLibrary\Bin\Release.x64\sn3DFileIO.pdb

Imports

sn3dimageload

?sn3DWriteImage@sn3DImageLoad@@YAHPEBDAEAV?$sn3DImageData@E@sn3DCore@@@Z
?sn3DReadImage@sn3DImageLoad@@YAHPEBDAEAV?$sn3DImageData@E@sn3DCore@@@Z

msvcp120

??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Getcat@?$codecvt@DDH@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?unshift@?$codecvt@DDH@std@@QEBAHAEAHPEAD1AEAPEAD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?_Xout_of_range@std@@YAXPEBD@Z
?out@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDH@std@@QEBAHAEAHPEBD1AEAPEBDPEAD3AEAPEAD@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Orphan_all@_Container_base0@std@@QEAAXXZ
?_Xbad_alloc@std@@YAXXZ
?_BADOFF@std@@3_JB
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAPEBDH@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ

msvcr120

sscanf
memmove
_unlock_file
ungetc
fgetpos
memchr
_fseeki64
fflush
fgetc
fsetpos
fgets
fopen
setvbuf
_lock_file
??_V@YAXPEAX@Z
fread
fprintf
_purecall
??3@YAXPEAX@Z
memcpy_s
fwrite
toupper
ftell
setlocale
fseek
fclose
??2@YAPEAX_K@Z
printf
getc
strncmp
calloc
atoi
strtok
atof
sprintf
free
malloc
realloc
exit
?terminate@@YAXXZ
_lock
_unlock
_calloc_crt
__dllonexit
__C_specific_handler
_onexit
__crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__crtCaptureCurrentContext
__crtCapturePreviousContext
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
??0bad_cast@std@@QEAA@AEBV01@@Z
??0bad_cast@std@@QEAA@PEBD@Z
??1bad_cast@std@@UEAA@XZ
feof
fputc
fscanf
strcmp
memcpy
memset
??0exception@std@@QEAA@AEBV01@@Z
_strdup
_CxxThrowException
__CxxFrameHandler3
atan
log
memcmp

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
EncodePointer

Exports

Exports

?sn3DRead3ds@sn3DGraphic@@YA_NPEBDPEAVsn3DTriMesh@sn3DCore@@@Z
?sn3DReadAsc@sn3DGraphic@@YA_NPEBDPEAVsn3DPointSet@sn3DCore@@@Z
?sn3DReadDxf@sn3DGraphic@@YA_NPEBDPEAVsn3DPointSet@sn3DCore@@@Z
?sn3DReadObj@sn3DGraphic@@YA_NPEBDPEAVsn3DTriMesh@sn3DCore@@@Z
?sn3DReadPly@sn3DGraphic@@YA_NPEBDPEAVsn3DTriMesh@sn3DCore@@@Z
?sn3DReadStl@sn3DGraphic@@YA_NPEBDPEAVsn3DTriMesh@sn3DCore@@@Z
?sn3DReadWrl@sn3DGraphic@@YA_NPEBDPEAVsn3DTriMesh@sn3DCore@@@Z
?sn3DWriteAsc@sn3DGraphic@@YA_NPEBDPEAVsn3DPointSet@sn3DCore@@@Z
?sn3DWriteObj@sn3DGraphic@@YA_NPEBDPEAVsn3DTriMesh@sn3DCore@@@Z
?sn3DWriteStl@sn3DGraphic@@YA_NPEBDPEAVsn3DTriMesh@sn3DCore@@@Z

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

064981e3899228bc2be5a6ede351adc3

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0e:d8:d1:e4:8d:2d:9e:fd:c0:2c:22:43:5c:f1:68:03Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

7a:99:97:86:22:97:b5:b0:ad:f6:88:00:26:6b:25:a3:4b:27:8c:7a:8c:6f:a6:88:77:94:ba:89:b9:85:df:b7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

sn3dimageload

msvcp120

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 115KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 4KB - Virtual size: 7KB

.pdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 648B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0e:d8:d1:e4:8d:2d:9e:fd:c0:2c:22:43:5c:f1:68:03
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

7a:99:97:86:22:97:b5:b0:ad:f6:88:00:26:6b:25:a3:4b:27:8c:7a:8c:6f:a6:88:77:94:ba:89:b9:85:df:b7
Signer

.text
Size: 115KB - Virtual size: 115KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 4KB - Virtual size: 7KB

.pdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 648B