4acd08bbb7223a63db2423d2c6becd50_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4acd08bbb7223a63db2423d2c6becd50_NeikiAnalytics.exe
Size

20KB
MD5

4acd08bbb7223a63db2423d2c6becd50
SHA1

730a84e443c42d6b50127e806142997eba104300
SHA256

88f4c72ad818f4d32536eb309bf1ac1ac32a30f79092db9c86d55a1020b84147
SHA512

6bcd66fd2aeb4dc83eacdd109ff5b17ce74ddeddb26eec3d09a8743582dc5d4dc7c312dd492e9e1de2b681fc8e212393fe7f93d77aa6cc56a72322b9045f14b7
SSDEEP

384:cH3d0kqFXvPo9qX/zPfSEoITs8aHwkhqfrwPl/5pDGkzZ9Vj:cXd0HvPo9qX/78ITsEQI+/qkV9Vj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4acd08bbb7223a63db2423d2c6becd50_NeikiAnalytics.exe

Files

4acd08bbb7223a63db2423d2c6becd50_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

b6b23e3e3f63714ed9953b3f81d52e6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleInputA
ValidateLocale
GetNumaProcessorMap
GetCurrentProcessId
GetDriveTypeW
Process32Next
SetFirmwareEnvironmentVariableW
ConvertDefaultLocale
BaseQueryModuleData
GetComputerNameExA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE