04319d1d33e8487d928acfd957f2e9b0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04319d1d33e8487d928acfd957f2e9b0_NeikiAnalytics.exe
Size

2.2MB
MD5

04319d1d33e8487d928acfd957f2e9b0
SHA1

32f8d50d73b3dcc16b24f51ccf0d076ff6be598d
SHA256

51c1b72b741efe2d353424e080ff96e9f61d4191ca5d88a910ce68686e9af36c
SHA512

7ac2833ba27114ddcc203eede0f7197d8fd2e1250afd3698129ffff931b69b528bfeb6e486b805ef398d057a737f41f13283b5ae997db157128a54380ba3666a
SSDEEP

49152:3n2z7V7MYDyH/IFg1vSDckFyLjzyBM8q4cvhUJ+ItYu4Cqbo:XqMYqQ21vSokFyXeBdDChUoISu45k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04319d1d33e8487d928acfd957f2e9b0_NeikiAnalytics.exe

Files

04319d1d33e8487d928acfd957f2e9b0_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

c8d42804e5964951fb24b8ef4c2573f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lz32

GetExpandedNameW

advapi32

SaferIdentifyLevel

rpcrt4

RpcStringFreeA

winspool.drv

AddPrinterConnectionW

opengl32

glEvalMesh2

ole32

OleQueryLinkFromData

kernel32

GetBinaryTypeA
GetModuleFileNameA
GetFileSize
DeleteCriticalSection
GetModuleHandleA

winmm

midiInMessage

Exports

Exports

OfnensrdnngesN

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.code
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 840B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

DATA
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ