52647fa0788abd1701e3237ce6dcd9f0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52647fa0788abd1701e3237ce6dcd9f0_NeikiAnalytics.exe
Size

9KB
MD5

52647fa0788abd1701e3237ce6dcd9f0
SHA1

22c3c6699cde319909fcdf063f4ad352c3b20f57
SHA256

a5ff3b263a9c5063a39d4693ec39b9669ec6167f01350a6006adec50b02a0f42
SHA512

801035afd43f3704a973784e8344fd24a46ed6bbc30ecf59bb587c3ea78f6dcc2840ea1acf650ae66e13f3ae2fa89d174534bb4564352a15065f256445d539ff
SSDEEP

192:2RLvjKpbUztW5iE997FWB46M3d+2sQA4qz5CWypunG76xK0G5K:uWbUa/9RFWv8+2Q4qz5C/sr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52647fa0788abd1701e3237ce6dcd9f0_NeikiAnalytics.exe

Files

52647fa0788abd1701e3237ce6dcd9f0_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

bab287abd34888be50035187199a1350

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
WriteFile
Sleep
ReadFile
GetProcAddress
VirtualAlloc
GetModuleFileNameA
GetModuleHandleA
VirtualProtect
CloseHandle
GetTempPathA
CreateThread

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ