ab5d0a725a30fd98ffa5f3b6a89d1930_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab5d0a725a30fd98ffa5f3b6a89d1930_NeikiAnalytics.exe
Size

497KB
MD5

ab5d0a725a30fd98ffa5f3b6a89d1930
SHA1

d172451c862bd99d19979f669813f664dac319f1
SHA256

8726f92d494aa1dc308c5cfa407536a02fb8ebd035d4bda2daac16fc924aa82d
SHA512

598cccc739d882edb9643dd6ca69d12c1bba9c47112f76f1b7c7b01a05d329e37deaff6d81e7e1ce434a917e365eea3535578467383559c819fb21604a1e025b
SSDEEP

12288:NyAfDcgcTQhgpZBDtoRAG01LqTl2mZoiw9:vDVBADt1ZKlXQ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab5d0a725a30fd98ffa5f3b6a89d1930_NeikiAnalytics.exe

Files

ab5d0a725a30fd98ffa5f3b6a89d1930_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

06ea752c2bfc857d5f84f3229253c7b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
SetFilePointer
ReadFile
CreateFileA
CreateProcessA
GetTempFileNameA
GetTempPathA
GetModuleFileNameA
DeleteFileA
Sleep
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
LCMapStringW
GetStringTypeW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
WriteFile
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
CloseHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
SetStdHandle
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
VirtualAlloc
HeapReAlloc
MultiByteToWideChar
LCMapStringA
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile

user32

LoadStringA
FindWindowA
MessageBeep
MessageBoxA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ