69a6a0f5b5ecb447ddc528327a5a66f73124642d19d8d3ede231b380d6df2d3f_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

69a6a0f5b5ecb447ddc528327a5a66f73124642d19d8d3ede231b380d6df2d3f_NeikiAnalytics.exe
Size

34KB
MD5

52cd0e5ae8ae07c02c3f7d72b9c89c40
SHA1

31f81f122a9962a3c4f7e18d5e89e06da012bc7f
SHA256

69a6a0f5b5ecb447ddc528327a5a66f73124642d19d8d3ede231b380d6df2d3f
SHA512

c27385c7b0273879b943cba555113fff5c0ae5953e61fa9b3a58d12b3875760b309605cc3dcf660641714571a05f6accaef4a234df4c94926fcd5da4cf2e33ed
SSDEEP

768:O0ZQsFFb9coQJzyrtwKEN4mkCdHsrYhqpgYHbn1:OWQYEoyzGCKEN4mkYHsrNHR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69a6a0f5b5ecb447ddc528327a5a66f73124642d19d8d3ede231b380d6df2d3f_NeikiAnalytics.exe

Files

69a6a0f5b5ecb447ddc528327a5a66f73124642d19d8d3ede231b380d6df2d3f_NeikiAnalytics.exe
.dll windows:6 windows x86 arch:x86

d7da4212a6ccc4fac00611e7a8888a6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins_ci\workspace\A\HCP-Plugin-04\WebControl\target\output\win32\release\Serial.pdb

Imports

node

?New@Number@v8@@SA?AV?$Local@VNumber@v8@@@2@PAVIsolate@2@N@Z
?New@Object@v8@@SA?AV?$Local@VObject@v8@@@2@PAVIsolate@2@@Z
?Get@Object@v8@@QAE?AV?$Local@VValue@v8@@@2@V32@@Z
?Set@Object@v8@@QAE_NV?$Local@VValue@v8@@@2@0@Z
?NewFromUtf8@String@v8@@SA?AV?$Local@VString@v8@@@2@PAVIsolate@2@PBDW4NewStringType@12@H@Z
?Call@Function@v8@@QAE?AV?$Local@VValue@v8@@@2@V32@HQAV32@@Z
uv_close
node_module_register
uv_async_send
uv_async_init
?SetName@Function@v8@@QAEXV?$Local@VString@v8@@@2@@Z
uv_default_loop
??0Utf8Value@String@v8@@QAE@V?$Local@VValue@v8@@@2@@Z
??1Utf8Value@String@v8@@QAE@XZ
?ToString@Value@v8@@QBE?AV?$MaybeLocal@VString@v8@@@2@V?$Local@VContext@v8@@@2@@Z
?ToObject@Value@v8@@QBE?AV?$MaybeLocal@VObject@v8@@@2@V?$Local@VContext@v8@@@2@@Z
?BooleanValue@Value@v8@@QBE_NXZ
?Int32Value@Value@v8@@QBEHXZ
?GlobalizeReference@V8@v8@@CAPAPAVObject@internal@2@PAVIsolate@42@PAPAV342@@Z
?DisposeGlobal@V8@v8@@CAXPAPAVObject@internal@2@@Z
?New@FunctionTemplate@v8@@SA?AV?$Local@VFunctionTemplate@v8@@@2@PAVIsolate@2@P6AXABV?$FunctionCallbackInfo@VValue@v8@@@2@@ZV?$Local@VValue@v8@@@2@V?$Local@VSignature@v8@@@2@HW4ConstructorBehavior@2@@Z
?GetFunction@FunctionTemplate@v8@@QAE?AV?$Local@VFunction@v8@@@2@XZ
??0HandleScope@v8@@QAE@PAVIsolate@1@@Z
??1HandleScope@v8@@QAE@XZ
?CreateHandle@HandleScope@v8@@KAPAPAVObject@internal@2@PAVIsolate@42@PAV342@@Z
?GetCurrent@Isolate@v8@@SAPAV12@XZ
?GetCurrentContext@Isolate@v8@@QAE?AV?$Local@VContext@v8@@@2@XZ
?New@Integer@v8@@SA?AV?$Local@VInteger@v8@@@2@PAVIsolate@2@H@Z
?Global@Context@v8@@QAE?AV?$Local@VObject@v8@@@2@XZ

cardreader

?CRInitCardReader@CardReader@@YAHUstruCardReaderInfo@1@@Z
?CRUnInitCardReader@CardReader@@YAHXZ
?CRStartAutoGetIDMode@CardReader@@YAHP6GHUstruIDCard@1@PAX@Z1@Z
?CRStopAutoMode@CardReader@@YAHXZ
?CRStartAutoMode@CardReader@@YAHP6GHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAX@Z1@Z
?CRGetLastError@CardReader@@YAIXZ

fingerprintreader

?FPInitFingerprint@FingerprintReader@@YAHUstruFingerprintReaderInfo@1@P6GHPBDHPAX@Z2@Z
?FPStopCollectFingerprint@FingerprintReader@@YAHXZ
?FPIsCollectingFingerprint@FingerprintReader@@YA_NXZ
?FPGetLastError@FingerprintReader@@YAIXZ
?FPStartCollectFingerprint@FingerprintReader@@YAHXZ
?FPUnInitFingerprint@FingerprintReader@@YAHXZ

videocapture

CloseVideo
StartVideo

msvcp140

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_BADOFF@std@@3_JB
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z

vcruntime140

memchr
memcpy
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
_except_handler4_common
__std_type_info_destroy_list
__CxxFrameHandler3
memmove

api-ms-win-crt-string-l1-1-0

strcpy_s

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent

Exports

Exports

?__autoclassinit2@CallbackScope@node@@QAEXI@Z
_register_NODE_GYP_MODULE_NAME_

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d7da4212a6ccc4fac00611e7a8888a6f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

node

cardreader

fingerprintreader

videocapture

msvcp140

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 68B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 68B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB