283615c545c24dc530ffd20c413c05b0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

283615c545c24dc530ffd20c413c05b0_NeikiAnalytics
Size

71KB
MD5

283615c545c24dc530ffd20c413c05b0
SHA1

814260015a76153fe036badf9593eb1ec2e8574a
SHA256

ee78ee328594fefbc98642561153ca8eb249c88faa1198ae1535e531d18507df
SHA512

a46c61866808ee080cfd5afb60760a4bc808fc27cffc0e29f5ca9178a8cf8d1b010c70fdb364f385ee8db3321b801c4e5365be965f2015b5eeb017239d253b69
SSDEEP

1536:snH2IzOhDnDbGghOyLpysBkcGHAtfuxQYhH9LmVBaxGR:W2IkDnzOyEAi7hH9LOWa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
283615c545c24dc530ffd20c413c05b0_NeikiAnalytics

Files

283615c545c24dc530ffd20c413c05b0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f63702a724f937a48f627ab22e3f2273

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThreadpoolWork
GetLastError
SetThreadStackGuarantee
MapViewOfFileFromApp
CreateProcessA
DuplicateEncryptionInfoFileExt
GetConsoleOriginalTitleA
ReadConsoleInputA
EncodeSystemPointer
LeaveCriticalSection

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 56KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE