663a1ab3e2379db7c68c9cd56c88ff60_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

663a1ab3e2379db7c68c9cd56c88ff60_NeikiAnalytics.exe
Size

2.2MB
MD5

663a1ab3e2379db7c68c9cd56c88ff60
SHA1

db6b3aee44d4830aea12dac47fc503d500243716
SHA256

2d6c8e58847b10c572871ec9e00d0fd1c0d07a1952bb28b1f9b70fb138169f92
SHA512

aef7144c272be723da2bccae185a4e4e274c24856e57bab7769f9233456c004c4d6b75dea84c5f2faf41bef1f7e02e8576f09535a5145901feeb16f141ba89a2
SSDEEP

49152:4vi9y4yPymyXykyHyKywyf5FV56Du+yKy5y8yH9B:4QBg/+BSxve56DdT6pc3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
663a1ab3e2379db7c68c9cd56c88ff60_NeikiAnalytics.exe

Files

663a1ab3e2379db7c68c9cd56c88ff60_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Default.DESKTOP-9CGK2DI\Desktop\AmtWebApp\MeshCentralAssistant\obj\Debug\MeshCentralAssistant.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ