165f982d5d908061275103d0ad02f220_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

165f982d5d908061275103d0ad02f220_NeikiAnalytics.exe
Size

26KB
MD5

165f982d5d908061275103d0ad02f220
SHA1

c65526ff36a2bf4fc1f7d4baaddfbe825850f72b
SHA256

06956333b5024a2d8e3ebf9332030beb3fec67d85a44e37b1fd82594aa27d266
SHA512

24977bc15bf9261bbc481bf3e26f0f145e8d95b8f75138a1b9b6236800a86334aeff8e770219c37df97b6c2441a2b3033ea0a4da03a40c6dfffd0ae5a126491f
SSDEEP

768:T+++f3/LQjLb7oVcUp7HWNEdB8Kgex6+/qkV9VKblxQta/cVC5:/WSXu6+pHwXEa68

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
165f982d5d908061275103d0ad02f220_NeikiAnalytics.exe

Files

165f982d5d908061275103d0ad02f220_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

25f4e1051927b49478d201722e6fc86d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameW
lstrcmpi
GetCurrentThread
AllocateUserPhysicalPages
IsDebuggerPresent
SetNamedPipeHandleState
GlobalFindAtomW
IsValidCodePage
WaitNamedPipeW
WriteConsoleInputVDMW
SetUnhandledExceptionFilter

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 26KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE