6587eb6fa33c2a28ec84c2d0604970a0_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

6587eb6fa33c2a28ec84c2d0604970a0_NeikiAnalytics.exe
Size

257KB
MD5

6587eb6fa33c2a28ec84c2d0604970a0
SHA1

6240bd0311e931b940cf8712339d15faf2922537
SHA256

b49ddf01aa1bf018e67851adbc49c817d9814b76d133775ec3fc5e0d77e6283f
SHA512

4652d72141cf219e0008691a0bc62343b7d2bb7c46699ea31ed53e52882d92505acc13ed4938dc052c064569360cb40cd14d55c93fbfa64dcc53c63fe8c5dcc2
SSDEEP

3072:snjCSLS29Aj+OT8y+cjsk2zpPipP6s+ReN8GdiJXFYiyfi6Svqst2bf66zIWQE+/:snD5AjskySRoei0kh6CROi6zIsFu0ex

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6587eb6fa33c2a28ec84c2d0604970a0_NeikiAnalytics.exe

Files

6587eb6fa33c2a28ec84c2d0604970a0_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

25ca7162d63764656c40de15242a9804

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\ade\jenkins\workspace\8-2-build-windows-i586-cygwin\jdk8u241\331\build\windows-i586\jdk\objs\libj2pkcs11\j2pkcs11.pdb

Imports

msvcr100

_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
strlen
strcpy
strcat
malloc
memcpy
memset
free
calloc
_snprintf
strcmp

kernel32

GetProcAddress
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
FreeLibrary
LoadLibraryA
GetLastError
FormatMessageA
LocalFree
GetModuleHandleA

Exports

Exports

_JNI_OnLoad@8
_Java_sun_security_pkcs11_Secmod_nssGetLibraryHandle@12
_Java_sun_security_pkcs11_Secmod_nssGetModuleList@20
_Java_sun_security_pkcs11_Secmod_nssInitialize@28
_Java_sun_security_pkcs11_Secmod_nssLoadLibrary@12
_Java_sun_security_pkcs11_Secmod_nssVersionCheck@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1CloseSession@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1CopyObject@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1CreateObject@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Decrypt@56
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptFinal@36
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptInit@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DecryptUpdate@56
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DeriveKey@32
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DestroyObject@24
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestFinal@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestInit@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestKey@24
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestSingle@44
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1DigestUpdate@36
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Encrypt@56
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptFinal@36
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptInit@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1EncryptUpdate@56
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Finalize@12
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1FindObjects@24
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1FindObjectsFinal@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1FindObjectsInit@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKey@24
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateKeyPair@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GenerateRandom@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetAttributeValue@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetInfo@8
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetMechanismInfo@24
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetMechanismList@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetOperationState@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetSessionInfo@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetSlotInfo@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetSlotList@12
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1GetTokenInfo@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Initialize@12
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Login@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Logout@16
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1OpenSession@32
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SeedRandom@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SetAttributeValue@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SetOperationState@36
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Sign@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignFinal@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignInit@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecover@40
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignRecoverInit@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1SignUpdate@36
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1UnwrapKey@36
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1Verify@24
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyFinal@20
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyInit@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecover@40
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyRecoverInit@28
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1VerifyUpdate@36
_Java_sun_security_pkcs11_wrapper_PKCS11_C_1WrapKey@36
_Java_sun_security_pkcs11_wrapper_PKCS11_connect@16
_Java_sun_security_pkcs11_wrapper_PKCS11_disconnect@8
_Java_sun_security_pkcs11_wrapper_PKCS11_finalizeLibrary@8
_Java_sun_security_pkcs11_wrapper_PKCS11_freeMechanism@16
_Java_sun_security_pkcs11_wrapper_PKCS11_initializeLibrary@8

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 213KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25ca7162d63764656c40de15242a9804

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 912B

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 213KB - Virtual size: 216KB

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 912B

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 213KB - Virtual size: 216KB