a634eb3cfaf46fcddce406efd08ea0a0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a634eb3cfaf46fcddce406efd08ea0a0_NeikiAnalytics
Size

119KB
MD5

a634eb3cfaf46fcddce406efd08ea0a0
SHA1

f06a0bc833668d28d3699482238ccf840ab4f258
SHA256

75294bdd3734860308953f6fe561df77100ee276d991c5458e35875fe726d686
SHA512

488726f5297a05ba9b44f85b5d9f699bd80d54bdde0da481dc55a048264fa0448d540e6d881df388a83015b7bd74348a5262e7cf6e4e274de73ca01634e22717
SSDEEP

3072:FskK8o07YLu7g9+rAk2TaLFRSYjI8bmhBsYonoX+tSz:FIw8i7g9+r3iWksJnoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a634eb3cfaf46fcddce406efd08ea0a0_NeikiAnalytics

Files

a634eb3cfaf46fcddce406efd08ea0a0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

40715a9c26ec2c95fa61bd78a18908ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVDMCurrentDirectories
CancelIo
InitializeContext
RegDeleteTreeW
SetFileAttributesA
GetTapePosition
IsNativeVhdBoot
MapUserPhysicalPagesScatter
GetShortPathNameA
FindFirstFileW
OpenState

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE