26fba6589e9929d67e9ff0e319eec140_NeikiAnalytics | Triage

Sharing

General

Target

26fba6589e9929d67e9ff0e319eec140_NeikiAnalytics
Size

531KB
MD5

26fba6589e9929d67e9ff0e319eec140
SHA1

be04d97992263c14c5e3d65a211f8aaacee852c9
SHA256

b5f75a4c3bc4f24b921e093be5c6bf004867f353b8ce738b9828bbb0eac555bb
SHA512

b9df5a61abb71022b10d15f9eaa5c60a3d1c1a58915f6da99ad08fac5be5023b30f1e2ee47e3b0432a4e7103210425bb34509b34ee76f719daeba9f56fcb3445
SSDEEP

6144:XybMxk3/vDWzgyVC27VXKLy8G1fbAl83fsY0LJtIjEv4ztf6nTXR9ltoVQDeXhLg:CbMxk3gVpVwygofP0L3p4mTBnt2nf0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26fba6589e9929d67e9ff0e319eec140_NeikiAnalytics

Files

26fba6589e9929d67e9ff0e319eec140_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

a7447a305b1b2a8a9d6e242b03694cbe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

oleaut32

SysFreeString

advapi32

RegCloseKey

user32

CharNextA

gdi32

SaveDC

version

VerQueryValueA

comctl32

ImageList_Add

winmm

waveOutOpen

Sections

feelinn
Size: 370KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

feelinn
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

feelinn
Size: 152B - Virtual size: 152B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE