5e4463084678af68de8f42c2888ae000_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e4463084678af68de8f42c2888ae000_NeikiAnalytics
Size

7KB
MD5

5e4463084678af68de8f42c2888ae000
SHA1

f9c888dc24d27152b8050f681a4c5c1b52e369e1
SHA256

27c7061e71f1a93dafa5e12d7dcd024f4ce04f06d0cb53661a3aacb9395d7daf
SHA512

561e2e5180567d40540781cb02656da54d1cf353832d88b395748e2f403dcdcb9b3e9ed01e3bd64f9a7217a7de267537f226a90d51b0865170c61b42b03ce707
SSDEEP

192:mnFY/+De58X7jehnaLTr4Y2CcgZEct6S2Y2:cKq7LTr4Y2CcgOg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e4463084678af68de8f42c2888ae000_NeikiAnalytics

Files

5e4463084678af68de8f42c2888ae000_NeikiAnalytics
.dll windows:4 windows x86 arch:x86

70dfea24e2425af4663638d49d600796

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

v:\dev\repos\ChainSaw\ExtremeDXT\Release\ExtremeDXT_linker.pdb

Imports

msvcr71

_adjust_fdiv
__CppXcptFilter
_initterm
__dllonexit
_onexit
_except_handler3
malloc
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

?CompressImageExtremeDXT@@YAXPBEPAEHHAAHH@Z
?InitExtremeDXT@@YAXXZ

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 862B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ