18124a510fc10085f25ee8f2f5ee7c30_NeikiAnalytics | Triage

Sharing

General

Target

18124a510fc10085f25ee8f2f5ee7c30_NeikiAnalytics
Size

2.4MB
MD5

18124a510fc10085f25ee8f2f5ee7c30
SHA1

6857b2521131ad0991b389edb1854b20c0dab03b
SHA256

252f60c0860ec23a2d0a32ad94513393bf437b8722b49218c1db3c92119f9396
SHA512

b5e747adb5753025f5f4f9048f3f3d41dffb1cd58d13698550da104e3149e9f79e09761405491989f7182e8898af681e29f7e9604ed2b2ee896ca3ac2845c7f3
SSDEEP

49152:RqnstLet3LysEqnstLet3Lyx402RAR5FeA6w:RqnstLE/EqnstLE6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18124a510fc10085f25ee8f2f5ee7c30_NeikiAnalytics

Files

18124a510fc10085f25ee8f2f5ee7c30_NeikiAnalytics
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dbs\el\oc\target\x86\ship\postc2r\x-none\olicenseheartbeat.pdb

Sections

.text
Size: 213KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 354KB - Virtual size: 353KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c2r
Size: 512B - Virtual size: 320B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ