709793b5048fa99441149783ded6edb0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

709793b5048fa99441149783ded6edb0_NeikiAnalytics
Size

108KB
MD5

709793b5048fa99441149783ded6edb0
SHA1

6ff4273250ee1639f033b1564bead7a0d7c02167
SHA256

044e7b895dcd6bcdf6b1cf867942daa0e04d8830f98f10d5823bf826d4d430ef
SHA512

589b3b1bab548b13283ea52bc1d1619b80e49081d8c547a2526791ca4f15574e10ab5812aa8c24a9addf9d05f31a8e5cfccb586ac34072ab32db6dba20c6cdaa
SSDEEP

1536:0b5UcwF+l/YxdxN7mT9Dm5gPHiv5km2B9c7A8z9gr6ko:2BwF+hY/u9D7Kk5Q7hp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
709793b5048fa99441149783ded6edb0_NeikiAnalytics

Files

709793b5048fa99441149783ded6edb0_NeikiAnalytics
.dll .js windows:4 windows x86 arch:x86 polyglot

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\95126ce9\6d005bfa\App_Web_dyt33niv.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ