b14ba69cb709071957f636c82be64fb0_NeikiAnalytics | Triage

Submit
Reports

Overview

overview

1

Static

static

1

b14ba69cb7...cs.exe

windows7-x64

1

b14ba69cb7...cs.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

b14ba69cb709071957f636c82be64fb0_NeikiAnalytics.exe

Resource

win7-20240419-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

b14ba69cb709071957f636c82be64fb0_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

b14ba69cb709071957f636c82be64fb0_NeikiAnalytics
Size

5KB
MD5

b14ba69cb709071957f636c82be64fb0
SHA1

a6c988304a1ab4f24e1035e53a4a59426414165a
SHA256

b7afd88dc42081669458b39171f7f7a4aea3955b38de045b272e7cd3c98c357a
SHA512

a255beb268e918d7424688b24a498c1858588601c66ed0148e6b3392ea830e003015dd553ce82c994740996e0ddc9eeed4dcd28f805028a96071a28fed4e11bd
SSDEEP

48:67DWlaQ1yUZl7dZ7CX+rqGjTFXY5oFhvmbybcwdCXnlwIw+Il/VoqI:dlsUZfZ7M+JtIKjvmbybqXnyIwpl/VoV

Score

1^/10

Malware Config

Signatures

Files

b14ba69cb709071957f636c82be64fb0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

b4:9e:10:c4:6a:d6:7e:eb
Certificate

Issuer

CN=Cubic::Privileged::2012,OU=SCM,O=Cubic Transportation Systems,L=San Diego,ST=CA,C=US,1.2.840.113549.1.9.1=#0c18636c656172636173652e68656c704063756269632e636f6d

Not Before

09/02/2012, 21:48

Not After

09/02/2032, 21:48

Subject

CN=Cubic::Privileged::2012,OU=SCM,O=Cubic Transportation Systems,L=San Diego,ST=CA,C=US,1.2.840.113549.1.9.1=#0c18636c656172636173652e68656c704063756269632e636f6d

49:91:46:fe:32:66:5e:99:bf:ac:28:e1:78:38:3f:8a:cc:41:32:81
Signer

Actual PE Digest

49:91:46:fe:32:66:5e:99:bf:ac:28:e1:78:38:3f:8a:cc:41:32:81

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Builds\19\CTSDev1\MV_LA\src\components\CM_GPRS\msvc9\Net35\gprs_popup_handler\obj\Release\gprs_popup_handler.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy