ed30df8970a8b77e9fdec20ced4a0180_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed30df8970a8b77e9fdec20ced4a0180_NeikiAnalytics
Size

17KB
MD5

ed30df8970a8b77e9fdec20ced4a0180
SHA1

4856c8439cb124d83048a9def44f072d9d41f3c8
SHA256

98398fe31a5a1451d40afc18e3178fb07a8883c6c171c3bd74c82b187b1369f0
SHA512

5d0b3950fb68d2ebf4db6a0837fc3d06cc3921a3b7c0b27a8fddcf50852625835140ad08a75fe61f8ed33092a601ea237dade9a5f721f8d936dbb2aac5d9c2bf
SSDEEP

384:ZbV2ihxzcX6plXnwCRqjhHJos7bZ7lVaQlf6xgBy8rQB8hX:5V2i7zcX6rpRehHRHZxAhx78rQ+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed30df8970a8b77e9fdec20ced4a0180_NeikiAnalytics

Files

ed30df8970a8b77e9fdec20ced4a0180_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\jshattuck\Documents\Box Sync\cs_quick\cs_quick\obj\x86\Debug\cs_quick.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ