3227107e9305976183522afb599077f0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3227107e9305976183522afb599077f0_NeikiAnalytics.exe
Size

289KB
MD5

3227107e9305976183522afb599077f0
SHA1

0a27f5b402412c521ff30a4fbbb46311ee809e22
SHA256

5115f4d0f187426b50b8131f861e8bb99e4ce02174f3fcb2e2825ff054827ad2
SHA512

5872a8198fc3044b5d4b064584be5adc0a1e2909e6543dbd0f8fd3239d552a78b3a9cd59749cef0db10ab33d9d62a69987ddc4e84e86d1feb20645d3dab3f6e9
SSDEEP

1536:BR7S3YTF+DXb2SVMmfbCg2R0GsOLxn0t:B5Fp+TPVMmfbTtGdLxn0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3227107e9305976183522afb599077f0_NeikiAnalytics.exe

Files

3227107e9305976183522afb599077f0_NeikiAnalytics.exe
.exe windows:1 windows x64 arch:x64

a9c2a528b3afd6bd56e4478210c4e9d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
ExitProcess
GetModuleFileNameA
GetModuleHandleA
lstrcatA

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetMessageA
LoadCursorA
LoadIconA
MessageBoxA
PostQuitMessage
RegisterClassExA
TranslateMessage

shell32

SHGetFolderPathA

shlwapi

PathAppendA

ole32

CoInitialize
CoUninitialize
CoRevokeMallocSpy

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ