41717c2e3d0093e5cd51a0b27d15cd60_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41717c2e3d0093e5cd51a0b27d15cd60_NeikiAnalytics.exe
Size

1.7MB
MD5

41717c2e3d0093e5cd51a0b27d15cd60
SHA1

bb8ebe08d8b68697d954b779fbfd567d814ed568
SHA256

7f5a3c1995147bc7908da6926dd0ee37b6f4eb6bb8f25f937515a7f4ad002d9b
SHA512

f65f7057f175c97661a356e1a088a63bdfd5187fbef3142987d18bd157fc3def8ba1066951f1e04a4aaba2df1fd4ac41bf5692b527d3d728d0cb8aa2eca028e6
SSDEEP

6144:tRzJJNBUUGW3nilGuDTcPWJ2JNBUUGW3nilGuDTcPWJnwJDMEaFhO164RtKlG1SH:13QP/UmuENJ/IooQIBOL8yq7LcZN/A0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41717c2e3d0093e5cd51a0b27d15cd60_NeikiAnalytics.exe

Files

41717c2e3d0093e5cd51a0b27d15cd60_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

71f62701b102c0d1a9a384df5ffff64d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\TortoiseSVN\NSC6\bin\Release\LangDLL\XstartRUS.pdb

Imports

mfc110u

ord1502
ord2320
ord2194
ord2216
ord484
ord1504

msvcr110

_malloc_crt
_initterm
_initterm_e
free
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_amsg_exit
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
__CppXcptFilter
_unlock

kernel32

IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ