386ddc916db9e22f51b18e70bb4074b0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

386ddc916db9e22f51b18e70bb4074b0_NeikiAnalytics.exe
Size

9KB
MD5

386ddc916db9e22f51b18e70bb4074b0
SHA1

a74b75fbe7490a260e61c90aeb11af799ce8f15d
SHA256

6bd80a68c814134e911319e69c7aa37eb6b6bcc09ee15004702f0fe5596a563e
SHA512

df89ec6c394a0ba0c4c2eaec96eafb8613f577ffd0e9eebcccedfa76bd58eb39a8754380d40f0ff97797a729740c0cd838d42fd7364e0059d501a83b4d8f018d
SSDEEP

192:28LvjKpbUztW5iE997FWr146C6WYApatuWXoyZ9gURv25K:PWbUa/9RFWr7tuSZ9Jt2k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386ddc916db9e22f51b18e70bb4074b0_NeikiAnalytics.exe

Files

386ddc916db9e22f51b18e70bb4074b0_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

bab287abd34888be50035187199a1350

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
WriteFile
Sleep
ReadFile
GetProcAddress
VirtualAlloc
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
CloseHandle
GetTempPathA
CreateThread

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ