aaaa89929ce64aa0257c6904df662620_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aaaa89929ce64aa0257c6904df662620_NeikiAnalytics.exe
Size

39KB
MD5

aaaa89929ce64aa0257c6904df662620
SHA1

3a147e2e0132a5daa2a82e4887ea31f3d880fea8
SHA256

d472c5397998ddd8463864cec055d5d36202cc3e3b5b5ab735b31c35c9210419
SHA512

a833669ee3aebf130a84a5cfec2cf07576e181a73ef304f6b1cacc43acde6e867afd4e4cb1ce681f9f3997c0ec2d79aaabc566aef60b4c74ecf4c2b88ab2ae54
SSDEEP

768:9tpEetHyDFwMquCap2B5ElRyjzEwsEOWaWVk3IaxH2:WewDmIM5Q4jzAEnxK3fW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aaaa89929ce64aa0257c6904df662620_NeikiAnalytics.exe

Files

aaaa89929ce64aa0257c6904df662620_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\ProVision\_NET\HV\HV\obj\Release\Avaya.ProVision.HV.UI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ