caf3899676dcaf58242ce231eb031440_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

caf3899676dcaf58242ce231eb031440_NeikiAnalytics
Size

749KB
MD5

caf3899676dcaf58242ce231eb031440
SHA1

5955726bdd7dbfaf842f8cc4c39d0bde07c2b7ce
SHA256

6bfe11b905d3cd4a308120180806781000014c5f663b2cc8336bbda6ba99a836
SHA512

c6e589a2becd7c011fdf86cfc6b97557c00f971d969569f679b271014027f6f5263c86558376a060e2d2e47feab823fb743f471d77c101c0c24a0e45f7b378c4
SSDEEP

3072:fd6BQcSOa5Iz3I5aSRqwhZGI38v1IG8/1QcSOa5Iz3I5aSRkwhkGc38s:r/8v1IG8/1zX8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caf3899676dcaf58242ce231eb031440_NeikiAnalytics

Files

caf3899676dcaf58242ce231eb031440_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\darren.obrien\Documents\Visual Studio 2017\Projects\Client Print Management\CPM\obj\Debug\CPM.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 519KB - Virtual size: 518KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ