4c2437f851659a50cfdba7e266a43630_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c2437f851659a50cfdba7e266a43630_NeikiAnalytics.exe
Size

153KB
MD5

4c2437f851659a50cfdba7e266a43630
SHA1

62c27674783cb787656258cc02bd62ea70ea3489
SHA256

ddf250da66335056388b5ae5384d833d1ccbdd6b12496b54d91c1f11ace96295
SHA512

cdb05a10c68421cc938b25c6783fa2185406e03471f53d51d2966b090d7b58bb88889fe28bed88a09dba583bc7c787f1a60c9e3de72540c3714ff671a8085406
SSDEEP

3072:VTpsuBabyiZg4Z0KAJUmipwvcNpY9voFj1JpzDAFYpRMMNrd:Nq8qm9s6vcNpY9vajdzaYnMWd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c2437f851659a50cfdba7e266a43630_NeikiAnalytics.exe

Files

4c2437f851659a50cfdba7e266a43630_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

e7ca4f8e9b188e14d6b78b0268709e06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

nutlibc4

tcgetattr
fgets
_iob
getopt
getenv
strrchr
exit
fprintf
vfprintf
fclose
fgetc
___NutErrno
fopen
__putc
atol
printf
fputs
fflush
system
ioctl
isatty
atoi
strncpy
calloc
strchr
_ftol
realloc
malloc
sprintf
_NutQueryRootDir
lseek
close
read
access
open
strtok
free
__p__pctype
chdir
getcwd
select
tcsetattr
tcflush
mkdir
stat
link
unlink
perror
fwrite
fputc
abort
creat
write
vsprintf
strncat
ftell
strncmp
sscanf
___NutSysStartup
___NutLibcPreMain
___NutGetModuleHandle
___NutFinishInitialisation
___NutAtExitStaticCDone
___NutInitTerm
___NutAtExitInitBlock
___NutIsForkingChild
___NutAtExitRunBlock
___NutUnregisterModule
___NutProcDetachValidate
___NutPrepareOptionBlock
___NutValidateDllLoadAddress
___NutRegisterModule
___NutMarkDllMain
_except_handler3

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE