79f130db8300e24ca96969eb0e0e5690_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

79f130db8300e24ca96969eb0e0e5690_NeikiAnalytics.exe
Size

20KB
MD5

79f130db8300e24ca96969eb0e0e5690
SHA1

ed4376669af4f5d18917b3d6e2a9ddc8c6f236d0
SHA256

1366ba55efd5408c0b4a377988d0fd9c401474c2b68156d64f0da8031e0d462e
SHA512

2715d16d40514159e3e1e260f0f8a7ab4c8c9079a86a65c57d3aa9fa13fdc67d41676328bcbbbef311ef11c02ad58a0a1b8e8df063cb8f02efc53ad401c5247e
SSDEEP

384:j+bJbJbJbJ112iRde6e3jEW1/jJLa6kAslQlAgUG+ZugOszIoJAYRqkV1wPl/5pX:j+bJbJbJbJ112Ude68jvJLavAsqAgUZK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79f130db8300e24ca96969eb0e0e5690_NeikiAnalytics.exe

Files

79f130db8300e24ca96969eb0e0e5690_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

0fa1c63ba1602d2cf7eeb66cd2a6e903

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseInitAppcompatCacheSupport
lstrcat
HeapAlloc
SetHandleCount
CreateThread
SetCriticalSectionSpinCount
FreeResource
RemoveVectoredExceptionHandler
MoveFileW
GetProcessHandleCount
GetOEMCP

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE