ec6c9e28e5dda5fbbd8ce44f430d1a70_NeikiAnalytics[.]exe | Triage

Submit
Reports

Overview

overview

1

Static

static

1

ec6c9e28e5...cs.exe

windows7-x64

1

ec6c9e28e5...cs.exe

windows10-2004-x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

ec6c9e28e5dda5fbbd8ce44f430d1a70_NeikiAnalytics.exe

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

ec6c9e28e5dda5fbbd8ce44f430d1a70_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

ec6c9e28e5dda5fbbd8ce44f430d1a70_NeikiAnalytics.exe
Size

1.3MB
MD5

ec6c9e28e5dda5fbbd8ce44f430d1a70
SHA1

5bca387fa1ae3c9698a38b01db658ab3360fddee
SHA256

f9f76e7b961809318bd4eae1071bc29a270170e1820f7a3ddcb92e8054f06d4d
SHA512

69f22070d815097b5c8d4bd7ee8ee10577a14cf29780a5e136566fb7c9b675238c784b6e5b83c6eb05a561e4daf95fc5438af74c453923cda0026933540ed1da
SSDEEP

24576:dOgcGF6ixQTRkJuYXfdZnCcZelIFVHjVdFTPt:zcGkbRkAYdZCAcIXv

Score

1^/10

Malware Config

Signatures

Files

ec6c9e28e5dda5fbbd8ce44f430d1a70_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

79:ea:03:4e:85:5b:c5:be:4d:2d:2d:c4:23:9c:07:67
Certificate

Issuer

CN=HSTLDOMAIN\\mfrietch

Not Before

21-07-2023 15:59

Not After

20-07-2024 21:59

Subject

CN=HSTLDOMAIN\\mfrietch

ea:46:06:b7:df:83:51:e9:f7:79:40:10:d7:b9:bc:af:7f:cd:e3:76:fd:ff:04:dc:d4:c7:fb:39:96:5a:92:21
Signer

Actual PE Digest

ea:46:06:b7:df:83:51:e9:f7:79:40:10:d7:b9:bc:af:7f:cd:e3:76:fd:ff:04:dc:d4:c7:fb:39:96:5a:92:21

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\MFrietch\HydromatPartEditor\HydromatPartEditor\obj\Release\Hydromat Part Editor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy