3cf39f700088bc6f020bffae3671eda0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

3cf39f700088bc6f020bffae3671eda0_NeikiAnalytics.exe
Size

437KB
MD5

3cf39f700088bc6f020bffae3671eda0
SHA1

c32c7daecb41941edcd62921264d389cce4456a0
SHA256

b1d121d25fb6254b4f100bd21ea13dbf76e7c7517d468df0ae6da02635d54dda
SHA512

b095f370df853aaf6dd36678bf0fda05cee5a0a9b198041573f105edaeed6c240aee0d76a0b9d77a036a4ecc13503e9a13f09c58ee28a99f68d15ff92e863d9f
SSDEEP

6144:H22CGvmZp0KX3hg+AR8xYT0Hg/7wgI3Rr:VU3hg+AKw0ATy3R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cf39f700088bc6f020bffae3671eda0_NeikiAnalytics.exe

Files

3cf39f700088bc6f020bffae3671eda0_NeikiAnalytics.exe
.dll windows:0 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

Y:\RC-932\RC_932_00130\fulcrum\uefi\Edk_1.05\Edk\Sample\Platform\DUET\Build\X64\Sample\Bus\Pci\RAIDCore\Dxe\ahci\UEFI_CC\RAIDCore.pdb

Sections

.text
Size: 432KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 160B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 736B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ