6fc0d69c9ff6069a8d22f11ac5859720_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fc0d69c9ff6069a8d22f11ac5859720_NeikiAnalytics
Size

38KB
MD5

6fc0d69c9ff6069a8d22f11ac5859720
SHA1

b378b71606bbf67203793d2ac2ca6909e71bc6d3
SHA256

1595bc87fd4de4c773c34654e030936046b2516d928427a300760aa4be44bea9
SHA512

f850cbcf371f72b28c20aa3b2f4702bda2e9477a4df13fbd47d7a3c5930e67f7a276281cccc3004dafff0b82fa962d77a51abcf01ecc5f5fee6ce99b05b3f9e2
SSDEEP

384:4Yn28lm/ij5PFUcLCWOTUNGXgZB+GA80PZxowIDpse7r1AZhzfcP:4Ynfm/ij5JtJqgPxA80PZxkFE1fS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fc0d69c9ff6069a8d22f11ac5859720_NeikiAnalytics

Files

6fc0d69c9ff6069a8d22f11ac5859720_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

8b952403cd7980f20cd10a1500bc5902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CoInitialize

kernel32

RaiseException
HeapSetInformation
GetCurrentProcess
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
Sleep
TerminateProcess

advapi32

CredFree

dhcpcsvc

DhcpDeRegisterParamChange

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ