36b7434361cf48cca861470883ff7500_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36b7434361cf48cca861470883ff7500_NeikiAnalytics
Size

8KB
MD5

36b7434361cf48cca861470883ff7500
SHA1

79505e38dd8945a9c7ab42e22eb5fd7e41ce3d9f
SHA256

3a4aea65febe58064d94c685ffe328b57e3d787187b880d123f84cebfc448573
SHA512

fdbb82f5c3df280a09ef412caec140d7bb2e9f55a30ce64387f3b18a464cb09e5bc97b3a8aee2982aea48543296accd5d65fabc27fcedd06a46f11e6072c835e
SSDEEP

192:0hk+1Gf0ZFLczvL3r5fI7+zPZBLrLII1aV5SsyaKez:0hkwGf03LiLdfXrZBLrLIMaVRLKe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
36b7434361cf48cca861470883ff7500_NeikiAnalytics

Files

36b7434361cf48cca861470883ff7500_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\source\repos\aesload\WindowsFormsApp2\obj\Release\WindowsFormsApp2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ