2172a5561ad63f75a0e7c671268d50f0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

2172a5561ad63f75a0e7c671268d50f0_NeikiAnalytics.exe
Size

41KB
MD5

2172a5561ad63f75a0e7c671268d50f0
SHA1

4bf3feb6c7c669b84759938077f32a209412da54
SHA256

0eea6ad1092f9a20a7843e8b5572fe73487e053fcb168de77c9f813e6a9bb6ec
SHA512

c3bc0e43fe8c8de733ef838ff28eb5691559dbb61d04c6450d8d7851a1d64be036e719d1a08f5ecdfab1f85a8c88dea54887ddf2f3ee21c9e26f2d46387be893
SSDEEP

768:Oxo16lkkRYgnslRZOU9ImM0+DCqQluejYP0yPvQg3CU/OjSN:Oq16lSssljOmMlLQluQEPvQWCUdN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2172a5561ad63f75a0e7c671268d50f0_NeikiAnalytics.exe

Files

2172a5561ad63f75a0e7c671268d50f0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

007768d5bac775f4025b0efc96fecfb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateProcessA
FindResourceA
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryA
LoadResource
LocalAlloc
LockResource
VirtualAllocEx
VirtualFree
VirtualProtect

user32

GetForegroundWindow
IsChild
IsIconic
IsWindow
IsWindowUnicode
IsWindowVisible
IsZoomed

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 64B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE