bede3a0fd1ecd3406f68fc850eeca520_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bede3a0fd1ecd3406f68fc850eeca520_NeikiAnalytics
Size

29KB
MD5

bede3a0fd1ecd3406f68fc850eeca520
SHA1

8623445cea4ccf78dd6c97a6851e18efc4a96713
SHA256

bd05ba4c2fb2bbc9736cf57b8325a6ec07913a1aca153d4ab8287a3dc5e934b6
SHA512

fa678b8b8c390f605b481fa5a28906592b023535e4f75f8b3e2f696fe623ade2811d057feb83d93436c66facf0a98b47858dc917445f7c6c858085ada38b89e4
SSDEEP

768:PVEHJqjHyGvwFylDpulVSQJrE/2QmlCYZUTTsOY1jCE:PH2nylslwHCCLc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bede3a0fd1ecd3406f68fc850eeca520_NeikiAnalytics

Files

bede3a0fd1ecd3406f68fc850eeca520_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

b6a7a0b5eccbdba136f6870043afb913

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

mfc42

ord3749

msvcrt

_except_handler3

user32

FindWindowA

advapi32

RegSetValueExA

shell32

ShellExecuteA

ws2_32

gethostbyname

wininet

HttpSendRequestA

Sections

��
Size: 21KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PEC
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE