9b67b09b427914bf0d736b4d04c0e6f0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b67b09b427914bf0d736b4d04c0e6f0_NeikiAnalytics
Size

2.6MB
MD5

9b67b09b427914bf0d736b4d04c0e6f0
SHA1

bf8b0cb935b5540eb8cd75b8e1547fe1d44fa6d9
SHA256

0293e810e9686e0f961ad4231b51d374f3b6696700afa64731b3eb5454f6b18a
SHA512

90b69ad4dcce67690859e7c0264391b4512a85c521e4cd530be192556dcafb7372e708fa07ec10ee3d21701938824f15671d0a7ca344b21220ed6e8d653e5d9f
SSDEEP

49152:5JGNP2RacTKpfZUyaREUm2Qub5G+wR+p6kjo5+YB4iqo+Kd:5QKTMq5m/Ru9G+wRAbG4iqo+Kd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b67b09b427914bf0d736b4d04c0e6f0_NeikiAnalytics

Files

9b67b09b427914bf0d736b4d04c0e6f0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

306d7818ccdd4bfd5d0f8c6266369059

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
VirtualProtect

msvbvm60

__vbaVarSub

protectstorage

Transfer

Sections

.text
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 408KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.grd0004
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ