9ca020e6ae8bd98114b4efd62e9fd040_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ca020e6ae8bd98114b4efd62e9fd040_NeikiAnalytics.exe
Size

2.1MB
MD5

9ca020e6ae8bd98114b4efd62e9fd040
SHA1

d54dfb701ee7e468c2aaa131daf5a8741e3f8857
SHA256

e2b690d8b787f312af34e44506a91bce8c4efe07654c535231ab0b7bcfeba5a8
SHA512

ab7a42de04f8c864584f244dd45e7921250afdd2fcbfefe860a92625371d59b81ea8e2a15d580f0184688b67a1dac606f90c9b1393b5f0db10b1711d9087a5d9
SSDEEP

49152:M/HJ5mTHjVueWkfRTm3AX5sggTL1rqMyGVBLPeL/bH4:M/HvCueWCHg31BvBreL/bH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ca020e6ae8bd98114b4efd62e9fd040_NeikiAnalytics.exe

Files

9ca020e6ae8bd98114b4efd62e9fd040_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 30KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ftvjmsuw
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

illgykfo
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ