469930b86762f3b0d4b3f53c75132650_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

469930b86762f3b0d4b3f53c75132650_NeikiAnalytics.exe
Size

51KB
MD5

469930b86762f3b0d4b3f53c75132650
SHA1

af0cf30b5d4094f0876ed239ce6c3895bfa73a06
SHA256

c896a3eeb9d068bce1a70dc5a09b3d44012536d763361655bffe886ea9b32cf9
SHA512

e0a062ea203d1ec38d39aa7db09ffb5d242dd57c1de2959daa712f2aeaeb2273fe38ba38dab0eff9b74f98a52bf268f45f4f0b8770f2111198e9ef95fd060976
SSDEEP

768:emTSDF7SZ7evbifMH/9S80PoQEWGz1iyS+/1zPwlhOz6TWVRYGftEbmL9JWAEGj:emmFSwj2MH/A8cnEW2gEapARrLyAE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
469930b86762f3b0d4b3f53c75132650_NeikiAnalytics.exe

Files

469930b86762f3b0d4b3f53c75132650_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

8d5037cb2f97ffc9beb3f19d2c4d295f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

winmm

mixerClose

mfc42

ord3698

msvcrt

_setmbcp

user32

DrawIcon

advapi32

AdjustTokenPrivileges

shell32

ShellExecuteA

oleaut32

VariantClear

Sections

.text
Size: 43KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE