11145f78345e08505f0c99ca7a8ae020_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11145f78345e08505f0c99ca7a8ae020_NeikiAnalytics
Size

85KB
MD5

11145f78345e08505f0c99ca7a8ae020
SHA1

8279411445760cbd791efdd68c571f054b39ef2a
SHA256

5bfe5e51cece8ea9c86c57ed403baccbde0576515a1ca545bac218c9ef65d078
SHA512

402ca6e34ee6d6c88ec99ceda8bfa1769c5e0265a15128a8e19d77e33345dada78af367ea7b8b5e9cbd6b1dc88429d76e6660a8bb71062e8e5829469c6c8a677
SSDEEP

1536:6/RZS0mCtK8c2d7eN1qlxuNO+flUt9dJw1pet6a7L8jTilXmaD:6DS0mCtLcs7/yOYe7/tZ7gnixF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11145f78345e08505f0c99ca7a8ae020_NeikiAnalytics

Files

11145f78345e08505f0c99ca7a8ae020_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

0b36b0e34198e3f03f3d504f3bca3815

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteW

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

HDITRERW
Size: - Virtual size: 172KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HDITRERW
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE