64078454aee49a423a756fc37c4e9a20_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64078454aee49a423a756fc37c4e9a20_NeikiAnalytics
Size

331KB
MD5

64078454aee49a423a756fc37c4e9a20
SHA1

f7f0ef368bcc95bc3e05ec9c1e82f17105d17b8c
SHA256

4987f0371b7fa678a5f66b3da353c3080e121c2da0879c2ca437bf37b8d8ec2e
SHA512

da0b0564fed38431f6d375f94e399050c6759862df3e9d4fa41523ea8a9d43955f9301f50453a958280d8fc8db5dae02e92cc150420fdf32ae95ba16b02a92fc
SSDEEP

6144:ikiw0tQABCSZzHHjP87ovX8EAZ7hluc3zA/iWOlvs:KVtn0oznjP87ovX8EG7vN0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64078454aee49a423a756fc37c4e9a20_NeikiAnalytics

Files

64078454aee49a423a756fc37c4e9a20_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\horio-newlook\branches\3.1.5.0\FingerprintCapturer\obj\x86\Debug\HorioFingerprintCapturer.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ