5b55970217e977a2610f0913980c6310_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

5b55970217e977a2610f0913980c6310_NeikiAnalytics.exe
Size

320KB
MD5

5b55970217e977a2610f0913980c6310
SHA1

9003ad7984e82512734fe08ce5b028d37c089734
SHA256

85f07d6a4be86223e2b9ba1d62c19980deda1a59398ccf3fa725b8a2628bb841
SHA512

a4255d7d2ef0b293dd375de2fc38e0d891092a022b027f4b3995e365682d8e6e4b97c68a994b7ed0a7e63afaa94fa9472a86f7821645e6cae950363899d46b4d
SSDEEP

3072:+l4qJaZ7Ygq7A6U2bGwOvQPxov9EIL6666zcZQJFsa:Tl67A6LoIyvddFn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b55970217e977a2610f0913980c6310_NeikiAnalytics.exe

Files

5b55970217e977a2610f0913980c6310_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

7967d3858422d0eb37dbe0888a0b75e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\serna\free\build\serna\bin\serna.pdb

Imports

kernel32

DisableThreadLibraryCalls
GetModuleHandleA
GetStartupInfoA

serna43

?serna_main@@YAHHQAPAD@Z

msvcr71

_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
_initterm

Exports

Exports

qax_dllinit

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ