94cf544b68bc9c7892394778ab51c0c0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

94cf544b68bc9c7892394778ab51c0c0_NeikiAnalytics.exe
Size

638KB
MD5

94cf544b68bc9c7892394778ab51c0c0
SHA1

7b4022356f734f0d77cb4e86956aa038ae8864d3
SHA256

c312a2f72ccf11ab031100d15e2dff9e877ac181d61a6d8085d513148b148d04
SHA512

cfcd1f1a98b91debcfccd4f007daf9886747678b3d047b554d08cdbeb6b765c4f025722510c3580e07f1e268ec73e03700405e27978475b7d392360ed002b6b2
SSDEEP

12288:GOsfjs4T48Q1MRw0CMNCcRocbPcBcOv2XflTPsS6WAP5SCMuuWAP5SCMuJ0OFWAw:q4CRjNCcRocbPcjeXxZ6WAP5SCMRWAPG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94cf544b68bc9c7892394778ab51c0c0_NeikiAnalytics.exe

Files

94cf544b68bc9c7892394778ab51c0c0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Projects2\SNB\SNB Windi\Windi2Client\obj\Release\Windi2Client.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 618KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ