1abb16b7c5ee027bdbe4146ea7afe3a0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

1abb16b7c5ee027bdbe4146ea7afe3a0_NeikiAnalytics.exe
Size

336KB
MD5

1abb16b7c5ee027bdbe4146ea7afe3a0
SHA1

4d1cdf16ff56ebea28faf8c5b5adf9da03c98d48
SHA256

d24df945a8c781573c1a1172241ae9fc8fd8a8cca1e599754bac66b9a590ee0a
SHA512

558ac04dcfb2f69a4ed7d61b6ea180f33c9b976569f2e51a79f866099376bcac41c9f6a7c7fccaa1607a5d5b7370e8f29f73aa3f5f7f7070614992b75237a4d0
SSDEEP

6144:+FN336YMFYfVcT7/9ju3iuUtZhckmEAhzNKGQXHJxb780y2LFkN:q5n9W7/1tZhcIAhZKGQXHJxf8wLSN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1abb16b7c5ee027bdbe4146ea7afe3a0_NeikiAnalytics.exe

Files

1abb16b7c5ee027bdbe4146ea7afe3a0_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

8edc0f5174cc28381726b23fdc9151a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

trth drhrth.pdb

Imports

msvcrt

wcscspn

kernel32

EnumResourceLanguagesW
FindCloseChangeNotification
GetLocaleInfoA
LoadLibraryA
SetFirmwareEnvironmentVariableW
GetDriveTypeW
GetTickCount
GetDiskFreeSpaceExA
RaiseException
GetLastError
InterlockedExchange
LocalAlloc
LocalFree
GetProcAddress
FreeLibrary

clusapi

ClusterNodeEnum

shlwapi

PathUnquoteSpacesW

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

cvbv
Size: 4KB - Virtual size: 474B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rfvc
Size: 4KB - Virtual size: 38B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

joojk
Size: 220KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ