5f6a77494fe99d3da4f81557a404c640_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f6a77494fe99d3da4f81557a404c640_NeikiAnalytics.exe
Size

3KB
MD5

5f6a77494fe99d3da4f81557a404c640
SHA1

6d8b4177a4b99870727324a16934327f21e3782d
SHA256

8f203b1e92481cdf27961a9c68726bdd982e12499fa05dc79c12b65525531c6d
SHA512

36ba829676f019cbbadf3211ed46cf928b2b0925ab7725c331d04dfd6e32f13ecfa3ad57b9c59c2929f5be2fbf2a1c318c599ac0119effd0b87c438ed786c1f1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f6a77494fe99d3da4f81557a404c640_NeikiAnalytics.exe

Files

5f6a77494fe99d3da4f81557a404c640_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

c6e178be34127c8097845ce737850e45

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
TerminateProcess
GetCurrentProcess
TerminateThread
GetCurrentThread
GetModuleHandleW
LoadLibraryW
GetProcAddress
VirtualProtect
TlsAlloc
TlsSetValue
TlsFree

msvcrt

memcpy
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 480B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 128B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ