aff0437645d8f805db7ed8b646e42340_NeikiAnalytics | Triage

Sharing

General

Target

aff0437645d8f805db7ed8b646e42340_NeikiAnalytics
Size

320KB
MD5

aff0437645d8f805db7ed8b646e42340
SHA1

7d451cf845648d0374929f4230b4c06fa1da9efa
SHA256

13c2e564167f90086d0b743fc1f66df57840fe4658b9ebace786a45dd5af7ef4
SHA512

9d74089f6760cca4b0df0514e32362aa31a88e670f403c27e833ba36d79192866b137a881033dffd2cb425435d7740a4c151c341250d7d7073c739077007a78d
SSDEEP

6144:xJVezvUnIiH2RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uT:v0UIg2EB0NxDIBuOFe7/uT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aff0437645d8f805db7ed8b646e42340_NeikiAnalytics

Files

aff0437645d8f805db7ed8b646e42340_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

552b8ac5f0948a948c6e7ac4668178a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemCodePagesA
GetSystemDefaultLCID
CreateToolhelp32Snapshot
LZCloseFile
GetConsoleCP
GetVersionExW
CreateNamedPipeA
FindFirstVolumeMountPointA
CreateVirtualBuffer
WritePrivateProfileSectionA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE