6fa90477440582653341c65c8fd65110_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fa90477440582653341c65c8fd65110_NeikiAnalytics.exe
Size

90KB
MD5

6fa90477440582653341c65c8fd65110
SHA1

a998770bbb47b40989ccf5c190f1a777fefd362f
SHA256

1a60e9e7c22dcddbf2d3a11a9246d6cc4a416bf883db123396abdab4a14036a0
SHA512

0c94f0ce67777a6de97f9574c5f25402a184a6180a27c963f6977c9448a0fbd9e1710009115e505c9d81ae2944fbf4eacfb5cde0dd6b19cc84301397e884ea02
SSDEEP

1536:xnPYGzlaSfk70Ukton41nCGlGN6zfxUcFd9dOU1hb:BBlat0/BlGN6zZUcjrO8t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fa90477440582653341c65c8fd65110_NeikiAnalytics.exe

Files

6fa90477440582653341c65c8fd65110_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Rehm.ViCon.Services.Wcf.ClientService.Contracts.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ