a623645fe3f2236d1936d4949f4ec950_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a623645fe3f2236d1936d4949f4ec950_NeikiAnalytics.exe
Size

8KB
MD5

a623645fe3f2236d1936d4949f4ec950
SHA1

d599619093077293e2d9108ad38b3940d774abbe
SHA256

8b3ea62c21e4d4d0dc2a9ce9b6b4c0198bde86648367b8e15d27f491ded9398f
SHA512

38811658c45453114b8043bf98cb1cdf96771544dcb7a2b53b418c7cdb82cfe9b2db1eb608eddd7cde1d15dff643cb5ac750ba4efa1c17b0707cd8a956593c04
SSDEEP

192:DLHBKpbUD5jKXvR8opN6oYTrx90+FLzHXZOrO/:DsbUFKXyo+oSoGLbXZb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a623645fe3f2236d1936d4949f4ec950_NeikiAnalytics.exe

Files

a623645fe3f2236d1936d4949f4ec950_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

bab287abd34888be50035187199a1350

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
WriteFile
Sleep
ReadFile
GetProcAddress
VirtualAlloc
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
CloseHandle
GetTempPathA
CreateThread

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ