2ab0ac72b9b117cc034bb8cecbcce36a89ca06080b8912785554de5005a613b2_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2ab0ac72b9b117cc034bb8cecbcce36a89ca06080b8912785554de5005a613b2_NeikiAnalytics.exe
Size

242KB
MD5

b839103bc6211a80d85294e4e09f7100
SHA1

b05d6cc5767ead9ae8fcd8938cdfc01b7d6966a7
SHA256

2ab0ac72b9b117cc034bb8cecbcce36a89ca06080b8912785554de5005a613b2
SHA512

c602b349b10f9673b94149e525955e47ee38dd291099bcedce70820696391d2c1867bc1634748865e7abf1d6a4725ce7721b9805549cb47d4ce74a5a95b283e3
SSDEEP

6144:9GbOa4zUAltEr6gaisMNHZKAZOqKzJyR50JB:9i4znEyiVNHEAc+o

Score

1^/10

Malware Config

Signatures

Files

2ab0ac72b9b117cc034bb8cecbcce36a89ca06080b8912785554de5005a613b2_NeikiAnalytics.exe
.dll windows:4 windows x64 arch:x64

033948c62bfd711016b51d95c9af81f8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

09:81:71:42:db:02:1a:c3:5e:f3:c3:c2:04:43:8f:19
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

28/05/2014, 00:00

Not After

27/05/2017, 23:59

Subject

CN=DL Technology Ltd,O=DL Technology Ltd,POSTALCODE=IG9 5BH,STREET=131 Queens Road,L=Buckhurst Hill,ST=Essex,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
GetLocaleInfoA
HeapReAlloc
LoadLibraryA
InitializeCriticalSection
HeapSize
lstrlenW
CreateFileW
CloseHandle
GetTickCount
QueryPerformanceCounter
RtlUnwindEx
GetEnvironmentStringsW
WideCharToMultiByte
GlobalReAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetModuleHandleW
WriteFile
GetVersionExW
GetLocalTime
HeapAlloc
GetLastError
HeapFree
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetVersionExA
GetProcessHeap
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
Sleep
RaiseException
HeapSetInformation
HeapCreate
HeapDestroy
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

FillRect
SetRect
CopyRect
GetDlgItem
IsWindowEnabled
EnableWindow
SetFocus
CheckDlgButton
InvalidateRect
GetClientRect
GetDlgItemInt
GetActiveWindow
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsDlgButtonChecked
GetDC
ReleaseDC
DialogBoxParamW
SetDlgItemTextW
EndDialog
SendDlgItemMessageW
GetDlgItemTextW
SetDlgItemInt

gdi32

SelectPalette
SetMetaFileBitsEx
SaveDC
PlayEnhMetaFile
RestoreDC
DeleteEnhMetaFile
CreateCompatibleDC
CreateCompatibleBitmap
SetBitmapDimensionEx
SetViewportOrgEx
SetViewportExtEx
PlayMetaFile
GetMetaFileBitsEx
SetWinMetaFileBits
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
DeleteDC
SetMapMode
SetWindowExtEx
SetWindowOrgEx
SetBkMode
Rectangle
SetTextColor
SetBkColor
SetStretchBltMode
SetDIBitsToDevice
StretchDIBits
GetDeviceCaps
GetBitmapBits
DeleteObject
SelectObject
CreateSolidBrush
CreatePen
ExtTextOutW
SetTextAlign
CreateFontIndirectW
GetObjectW
GetStockObject
GetDIBits
RealizePalette

comdlg32

ChooseFontW
ChooseColorW
GetSaveFileNameW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

AskDlgProc
BarAsk
BarAskEx
BarAskEx2
BarCdc
BarCdcb
BarCdcd
BarCdd
BarCddc
BarCdh2
BarCdin
BarCdinEx
BarCdm
BarCdmx
BarCdp
BarCdrd
BarCds
BarCodeb
BarCodeb2
BarCodeb3
BarCodebc
BarCodec
BarCoded
BarCoded3
BarCodedc
BarCodef
BarCodef2
BarCodeh
BarCodeh2
BarCodeh3
BarCodem
BarCodemx
BarCodep
BarDraw
BarDrawBitmap
BarDrawEnh
BarInfo
BarInit
BarSaveImage
BarSaveImage2
Barcodes
Barfinf
Code128Dlg
ErrorMess
GetDpi
GhDlsbar
ImageFileName
SetCompact
SetDpi
ZDlgProc
dllzw
get128Controls
set128Controls
setMode

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

033948c62bfd711016b51d95c9af81f8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

09:81:71:42:db:02:1a:c3:5e:f3:c3:c2:04:43:8f:19Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 10KB - Virtual size: 143KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

09:81:71:42:db:02:1a:c3:5e:f3:c3:c2:04:43:8f:19
Certificate

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 10KB - Virtual size: 143KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB