81a2ca8425b64d8251a0412ae3865fe0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

81a2ca8425b64d8251a0412ae3865fe0_NeikiAnalytics
Size

393KB
MD5

81a2ca8425b64d8251a0412ae3865fe0
SHA1

2ace15997537e0c857a8fc57a8c7f7f982232cb0
SHA256

d1cfbe73331d22ef6eea0ad23c6feec8bb4a635299c2326d37de6b0515a21b25
SHA512

5c8d82c147d8ffe940d55a01e580e3639bed733528dd4a7d05f012bee502c84105be4185b95d151f7f16ee9c17a1d6fb9766de6114b28ac47c75544d1257b247
SSDEEP

12288:QzekhQqKIMVO4RGxPTVzJyEPj41/8M8ZBGqm04G:QzTQqKIMO4kPT/ZUZyBGE4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81a2ca8425b64d8251a0412ae3865fe0_NeikiAnalytics

Files

81a2ca8425b64d8251a0412ae3865fe0_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u281\880\build\windows-i586\jdk\objs\libsplashscreen\splashscreen.pdb

Imports

kernel32

IsDebuggerPresent
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
GetTickCount
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetModuleHandleW
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException

gdi32

CreatePalette
CreateDIBSection
StretchDIBits
SelectPalette
SelectObject
RealizePalette
GetDeviceCaps
ExtCreateRegion
DeleteObject
DeleteDC
CombineRgn
CreateCompatibleDC
CreateRectRgn

vcruntime140

memset
memcmp
_except_handler4_common
__std_type_info_destroy_list
longjmp
_setjmp3
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
malloc

api-ms-win-crt-stdio-l1-1-0

fgetc
fopen
fread
fclose
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
ungetc

api-ms-win-crt-string-l1-1-0

_stricmp
strlen
strncmp

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_errno
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

floor
pow
_except1

Exports

Exports

SplashClose
SplashGetScaledImageName
SplashInit
SplashLoadFile
SplashLoadMemory
SplashSetFileJarName
SplashSetScaleFactor
_JNI_OnLoad@8
_Java_java_awt_SplashScreen__1close@16
_Java_java_awt_SplashScreen__1getBounds@16
_Java_java_awt_SplashScreen__1getImageFileName@16
_Java_java_awt_SplashScreen__1getImageJarName@16
_Java_java_awt_SplashScreen__1getInstance@8
_Java_java_awt_SplashScreen__1getScaleFactor@16
_Java_java_awt_SplashScreen__1isVisible@16
_Java_java_awt_SplashScreen__1setImageData@20
_Java_java_awt_SplashScreen__1update@40

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 222KB - Virtual size: 224KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 222KB - Virtual size: 224KB