141894a23d0c8aacd96828661eaa71dd0b1856f4b5b5d1e4e2fc630dfbf4eb3a_NeikiAnalytics | Triage

Sharing

General

Target

141894a23d0c8aacd96828661eaa71dd0b1856f4b5b5d1e4e2fc630dfbf4eb3a_NeikiAnalytics
Size

32KB
MD5

a91ad8b604c8ffd7459ec41c68ec73d0
SHA1

616450c10d792c78fa5395dda9b00df0ce0a3c01
SHA256

141894a23d0c8aacd96828661eaa71dd0b1856f4b5b5d1e4e2fc630dfbf4eb3a
SHA512

1013277b33a42a7759a4663b86d59b3f8db08aab6fa7c5f4d35d0c11ba10aed75e3a9a6e15294767fc0808376e1ea9f95c1be069e6a950e82f5c8a029f5f3a30
SSDEEP

192:DQP4z9cKume7ClN9/fOS98t9CrQXa0hm55RmZBdZDlx4iuFpIGOzQ/3x9OyyfLKR:D9zk87X1OwmlvIROyyfLKy3rh6oUKDV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
141894a23d0c8aacd96828661eaa71dd0b1856f4b5b5d1e4e2fc630dfbf4eb3a_NeikiAnalytics

Files

141894a23d0c8aacd96828661eaa71dd0b1856f4b5b5d1e4e2fc630dfbf4eb3a_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

11553ebf153c7360b4d8d164bb4892ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
DeviceIoControl
CreateFileA
WideCharToMultiByte
GetEnvironmentStrings
GetStringTypeA
LCMapStringW
GetStringTypeW
MultiByteToWideChar
LoadLibraryA
LCMapStringA
HeapReAlloc
GetProcAddress
HeapAlloc
GetOEMCP
VirtualAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
CloseHandle
FreeEnvironmentStringsW
HeapCreate
HeapDestroy
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCPInfo
GetACP
VirtualFree
HeapFree
RtlUnwind
WriteFile

user32

KillTimer
DefWindowProcA
PostQuitMessage
SetTimer
ShowWindow
RegisterClassExA
CreateWindowExA
TranslateMessage
UpdateWindow
GetMessageA
FindWindowA
DispatchMessageA
PostMessageA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ