2ea71eb7e6237be39ac8f1436e1f7e30_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ea71eb7e6237be39ac8f1436e1f7e30_NeikiAnalytics
Size

90KB
MD5

2ea71eb7e6237be39ac8f1436e1f7e30
SHA1

94874f5449f7c77930938d526f5d4ad42205a3ef
SHA256

620a7e63475dff9c59162bf904c3eb32bd5048a1f71a72f58563cfedafd4c2c4
SHA512

66da4311a8aa70482c2d3eb4bcb9cd4a690e2f20cea6b763bc205007b812e6be1fa35670b48c0ff0964a3b253c780e434551abb9921ff05bc09456580a40334c
SSDEEP

1536:Dum4+il171+3b/XOe96gnM1WqjxkGwQUxJSPjVu8ikKnk8uSAIEjD5c:t4tozX596Q+WKk6UxcjkiK/6D5c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ea71eb7e6237be39ac8f1436e1f7e30_NeikiAnalytics

Files

2ea71eb7e6237be39ac8f1436e1f7e30_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

22953c0222c374b5c6b3341a48df763b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\PMS\pms4\Project(20130920)\GolfProject\bin\GolfProject.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadCursorW

advapi32

RegQueryValueExW

shell32

ShellExecuteW

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 72KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE