bdb7a1bda068e06c1bdb08f8e55611f0_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

bdb7a1bda068e06c1bdb08f8e55611f0_NeikiAnalytics
Size

382KB
MD5

bdb7a1bda068e06c1bdb08f8e55611f0
SHA1

9b27235dd5bb02e7348591d206834abb504e62bc
SHA256

5aa30c11d13dd985385aeeff01480cf6f817c7e7265b105f042b18199003dab8
SHA512

eb5af12ee767f37f10b18e409cba6a78dc57123ab77f76bb600c8561c37d5ac9f99266d6932e1a605d844ae9c6ef4ef06375269541ec644f59377f7a8e778275
SSDEEP

6144:YJ5d8vdFbknkiKI8fsBmCK4aGDv1PTBGIStB00reNkzOhg5fP1hxUuz1swsBjzIz:YJ5WFQLKImn54aGxPTiWDCcEDP9Mv9Yj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdb7a1bda068e06c1bdb08f8e55611f0_NeikiAnalytics

Files

bdb7a1bda068e06c1bdb08f8e55611f0_NeikiAnalytics
.dll windows:6 windows x86 arch:x86

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u281\880\build\windows-i586\jdk\objs\libsplashscreen\splashscreen.pdb

Imports

kernel32

IsDebuggerPresent
MultiByteToWideChar
GetProcAddress
GetModuleHandleA
GetTickCount
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
ExitProcess
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetModuleHandleW
FreeLibrary
VirtualQuery
VirtualProtect
GetSystemInfo
GetLastError
RaiseException

gdi32

CreatePalette
CreateDIBSection
StretchDIBits
SelectPalette
SelectObject
RealizePalette
GetDeviceCaps
ExtCreateRegion
DeleteObject
DeleteDC
CombineRgn
CreateCompatibleDC
CreateRectRgn

vcruntime140

memset
memcmp
_except_handler4_common
__std_type_info_destroy_list
longjmp
_setjmp3
memcpy

api-ms-win-crt-heap-l1-1-0

free
calloc
realloc
malloc

api-ms-win-crt-stdio-l1-1-0

fgetc
fopen
fread
fclose
__stdio_common_vsscanf
__stdio_common_vfprintf
__acrt_iob_func
ungetc

api-ms-win-crt-string-l1-1-0

_stricmp
strlen
strncmp

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_errno
_execute_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

floor
pow
_except1

Exports

Exports

SplashClose
SplashGetScaledImageName
SplashInit
SplashLoadFile
SplashLoadMemory
SplashSetFileJarName
SplashSetScaleFactor
_JNI_OnLoad@8
_Java_java_awt_SplashScreen__1close@16
_Java_java_awt_SplashScreen__1getBounds@16
_Java_java_awt_SplashScreen__1getImageFileName@16
_Java_java_awt_SplashScreen__1getImageJarName@16
_Java_java_awt_SplashScreen__1getInstance@8
_Java_java_awt_SplashScreen__1getScaleFactor@16
_Java_java_awt_SplashScreen__1isVisible@16
_Java_java_awt_SplashScreen__1setImageData@20
_Java_java_awt_SplashScreen__1update@40

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 210KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

91df4a18992fbc7bf445da61bc5360cd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

Exports

Exports

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 512B - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 952B

.reloc Size: 210KB - Virtual size: 212KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 512B - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 952B

.reloc
Size: 210KB - Virtual size: 212KB