81ef3e2f8f4ff87e70a436fe0c1ba0d0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81ef3e2f8f4ff87e70a436fe0c1ba0d0_NeikiAnalytics.exe
Size

333KB
MD5

81ef3e2f8f4ff87e70a436fe0c1ba0d0
SHA1

477c2c9f32d46c2c6c6fed411789879c4cc9d463
SHA256

5da2b5f003d17e81a27cab8a77ebc102031f2147e2a29d382baef0a807c93146
SHA512

d0114946bfe1b7cebf24d87d67721b8bd085ff495d71cd36134fdfe5a68e9061a1e08b923ada84500e0406cc3047a62c9c5a0dfa5138d1ba0bde9309d7cf52aa
SSDEEP

6144:zsvYQOyKO0ACbcYzD/IXBO4aIxrrEmFoZLl4Ct3Pj:z0uAuz7IXbxrrEmFy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81ef3e2f8f4ff87e70a436fe0c1ba0d0_NeikiAnalytics.exe

Files

81ef3e2f8f4ff87e70a436fe0c1ba0d0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\odonchuk\My Documents\Visual Studio 2008\Projects\Interops\ShipRiteNet\UPSWeb\obj\x86\Release\UPSWeb.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 183B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ