6046d198102d39dec2b2e8715c08f260_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6046d198102d39dec2b2e8715c08f260_NeikiAnalytics.exe
Size

67KB
MD5

6046d198102d39dec2b2e8715c08f260
SHA1

9cf0123dddd4355b45075695af2877c679d07d28
SHA256

6b4aae73a70e5eddc5248d69c414de8f11b798ef91dd9fe8d341297449d65f9e
SHA512

8dc4ff72a14e69cc522c2722d4f21235bf90ff3f86ebef0bc83a3440b5dce3d052de3ee07daaa2fb532d639202701a7bb846104e43f17ddba1e2d456d6b0c909
SSDEEP

1536:PZ3ObrRL2DITABStjFcFvIhz53Z4mv6K9Wvq+:5OVBTABcjjzlv6K9WT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6046d198102d39dec2b2e8715c08f260_NeikiAnalytics.exe

Files

6046d198102d39dec2b2e8715c08f260_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Rehm.ViCon.Client.SemicoControls.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ