12b9908d8e26899bdcc0d2b34bccd050_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12b9908d8e26899bdcc0d2b34bccd050_NeikiAnalytics.exe
Size

3KB
MD5

12b9908d8e26899bdcc0d2b34bccd050
SHA1

52c128247e3f15603c8261641b609fd13eebf3e5
SHA256

21c1cd10c815f776d625220bd855805e1adbfdde2f648d1493e3ef5239333785
SHA512

053c47af10fc8dced0335da2b9f31397753eb496cfc415b2a0334d51b1359ad9070ba3d67e2d5c5ef1a97c85f079f687144c227377cc9d3a0c7c4e02acb8fe0f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12b9908d8e26899bdcc0d2b34bccd050_NeikiAnalytics.exe

Files

12b9908d8e26899bdcc0d2b34bccd050_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

c6e178be34127c8097845ce737850e45

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
TerminateProcess
GetCurrentProcess
TerminateThread
GetCurrentThread
GetModuleHandleW
LoadLibraryW
GetProcAddress
VirtualProtect
TlsAlloc
TlsSetValue
TlsFree

msvcrt

memcpy
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 480B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 128B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ