2a45cb025cc407db5e7bd905e1b58530_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

2a45cb025cc407db5e7bd905e1b58530_NeikiAnalytics.exe
Size

4KB
MD5

2a45cb025cc407db5e7bd905e1b58530
SHA1

11f7d263a0b81f47e28bbec5af8f8622bdccb1fe
SHA256

57ab3ac06ae37d12a0b2c321962e2f30ffb162b617c4cb84c638a6991ca950fc
SHA512

e7eabe7ba1370acef7fa51307194a6d5f655f32d7872c401345f5db1045f391d2485cac73fadff16a3a147b80e1c01da3e184f7576bdf7d9ec06820c8cd19575

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a45cb025cc407db5e7bd905e1b58530_NeikiAnalytics.exe

Files

2a45cb025cc407db5e7bd905e1b58530_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

2435d5fb627e13d2abcfa6cd6cf42b03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
TlsAlloc
TlsSetValue
TlsFree
GetProcessHeap
TerminateProcess
GetCurrentProcess
TerminateThread
GetCurrentThread
HeapCreate
GetModuleHandleW
LoadLibraryW
GetProcAddress
VirtualProtect

msvcrt

memcpy
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 528B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 144B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ