a8e80107d8d1e64b2e2a1aa7683f3e70_NeikiAnalytics | Triage

Sharing

General

Target

a8e80107d8d1e64b2e2a1aa7683f3e70_NeikiAnalytics
Size

80KB
MD5

a8e80107d8d1e64b2e2a1aa7683f3e70
SHA1

cf73995377c48a5e8a22a70d1ec04fa0e25e9891
SHA256

8a4909edd9fc35b36e7ae79908cb83dbd4d81629691f2a00667a81f03c8d54a4
SHA512

dc5069c8da735c2675fc83a725663ad8f7e9865e7703c6277de39a19888addecd0da02fc6670752d593ccc3cc2fa4b6e395abc6595bc0540b050a2ce8bf037d7
SSDEEP

1536:jIr3YriYiUi+H++o1eVlXd+8c0GXmvJJNHjLwl50fP5jy:jyYti0pXd+8c0GWvJ3Hvwl52W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8e80107d8d1e64b2e2a1aa7683f3e70_NeikiAnalytics

Files

a8e80107d8d1e64b2e2a1aa7683f3e70_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

BSBDHSHD
Size: - Virtual size: 164KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSBDHSHD
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE