6eba56d8384d1ccc63d6415be1240830_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

6eba56d8384d1ccc63d6415be1240830_NeikiAnalytics.exe
Size

28KB
MD5

6eba56d8384d1ccc63d6415be1240830
SHA1

9b7428b66cf0b1cb32fa68073992eef26ecd813a
SHA256

e3bc47b7a08431016d253f8485685d08d29b158cab480906511c83dcd962e931
SHA512

7506f6b1c6d9e2afd1f3d0f514a5687371d591479aa151eddf7f60bbd36757c50d2ed8a5c0bfec9f193e206f159b4b17ff654fff6b594e6835fc9cd445e6137c
SSDEEP

768:FfZEou/QG/0fhUgf7czHzN7yqEXpEAJfDy+HVTifmkfgDH0ndrK9wgv:fEoRJF/3ZPN59ijMi2Sgv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6eba56d8384d1ccc63d6415be1240830_NeikiAnalytics.exe

Files

6eba56d8384d1ccc63d6415be1240830_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

44dd298680ea5ae6a071453f7b804f56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocalPrimaryComputerNameW
WaitForSingleObjectEx
GetThreadLocale
EnumSystemLanguageGroupsA
GetStartupInfoA
EndUpdateResourceW
CheckNameLegalDOS8Dot3W
QueueUserWorkItem
GetVersionExA
SetLocalPrimaryComputerNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE