7fbbaeb121ee4ce46424df78a5bec8b0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7fbbaeb121ee4ce46424df78a5bec8b0_NeikiAnalytics.exe
Size

20KB
MD5

7fbbaeb121ee4ce46424df78a5bec8b0
SHA1

b9e1f8886a6fbeda76e8f82bccbae2055a7cc665
SHA256

19be88832e2788ac6c76d73904a1b48c4e209f4825d142fc01e4b8de82dc1eb9
SHA512

a5ef584048bbb7acd99ed898740b9e58e50491986e5c73aff61a04cb118e38f0a66c675123436a3796692bf270e09242d457c386da5403ba10aa154ae43cbc6b
SSDEEP

384:W+ggg8E/0LYm55yGbMplLL96/ZiIy+q+XYimVjjFKSFqqSzwPl/5pDGkzZ9Vj:WhY5c5lqwIy+q+XDmZJFqt+/qkV9Vj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7fbbaeb121ee4ce46424df78a5bec8b0_NeikiAnalytics.exe

Files

7fbbaeb121ee4ce46424df78a5bec8b0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

93dcd1a4edc9acc0bca3f33da386f98e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSocketHandle
GetThreadContext
GetCurrentProcessId
ExtendVirtualBuffer
OpenFile
WTSGetActiveConsoleSessionId
SetConsoleKeyShortcuts
WriteConsoleInputA
InterlockedExchange
QueueUserWorkItem

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE