8fe8bb45a97f24c3c85d01e034539e90_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fe8bb45a97f24c3c85d01e034539e90_NeikiAnalytics.exe
Size

234KB
MD5

8fe8bb45a97f24c3c85d01e034539e90
SHA1

04ce9272778dc7fff574c139050227bf841f9624
SHA256

f69069f5f92b6e43fbd1fc183966bc873892c3276e12105c130a741a777ea829
SHA512

d16ac21c532c8537c8a1df7e088ee47c21c1dda844267b508f783f41afe39349374d784afb7ac4e9c3d6395c1eec5b209cd25f7b873c1c4d65167eefb101c57a
SSDEEP

3072:dnTrsEJTqVXHUJePMqvk9sEFU6tiNO85/BEZR6aJjdGE0F6GqJb:dnTAEJqKJedvIsn6I9BEZR6an0Fg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fe8bb45a97f24c3c85d01e034539e90_NeikiAnalytics.exe

Files

8fe8bb45a97f24c3c85d01e034539e90_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

e1c0bd3d5b9f3f5cec7ea773ff66ac6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentProcess
GlobalAlloc
GetCurrentThread
GetModuleHandleW
GetProcAddress
GetLastError
GlobalFree
CloseHandle
lstrcpynW

advapi32

OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameW

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 230KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE