28ebcdd3e9d05ffe51addb78d46e5710_NeikiAnalytics[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

28ebcdd3e9d05ffe51addb78d46e5710_NeikiAnalytics.exe
Size

183KB
MD5

28ebcdd3e9d05ffe51addb78d46e5710
SHA1

9d0c8d9427b61d41225e81c8bbb7544be50582fe
SHA256

00c7ff63c87d858d4340616c4430af712f8fcdb346c8df225447a732eb1eb214
SHA512

958f133dec46e3ffb9ef2c0bd6e6e481d2b5b7d4a7627a93d0176780b217bff58935917aabceebc5b4d162cffffc70c9d752bef0cb53e9dcb52f370758e96125
SSDEEP

3072:2Xd2HUi+AZToEE6ooqiq8EpKP1dwLFurHNLljikMTmAcThAkZThMTMz6A4FdabkW:esUijd1E6dqi4py5RixTmAcThAkZThMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28ebcdd3e9d05ffe51addb78d46e5710_NeikiAnalytics.exe

Files

28ebcdd3e9d05ffe51addb78d46e5710_NeikiAnalytics.exe
.exe windows:4 windows x64 arch:x64

7561708a4d76393e3992ac2ea91e3cf6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

cygwin1

__ctype_ptr__
__errno
__getreent
__main
_dll_crt0
_impure_ptr
abort
access
calloc
close
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
dup
exit
fclose
fdopen
fgets
fprintf
fputc
fputs
free
lstat
malloc
open
printf
putchar
puts
qsort
read
readlink
realloc
rename
snprintf
sprintf
stat
strcmp
strdup
strerror
strtol
symlink
system
unlink

cygintl-8

libintl_bindtextdomain
libintl_gettext
libintl_ngettext
libintl_setlocale
libintl_textdomain

kernel32

GetModuleHandleA
GetProcAddress

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7561708a4d76393e3992ac2ea91e3cf6

Headers

DLL Characteristics

File Characteristics

Imports

cygwin1

cygintl-8

kernel32

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 72B

.rdata Size: 3KB - Virtual size: 3KB

.pdata Size: 512B - Virtual size: 372B

.xdata Size: 512B - Virtual size: 352B

.bss Size: - Virtual size: 480B

.idata Size: 2KB - Virtual size: 1KB

/4 Size: 512B - Virtual size: 28B

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 72B

.rdata
Size: 3KB - Virtual size: 3KB

.pdata
Size: 512B - Virtual size: 372B

.xdata
Size: 512B - Virtual size: 352B

.bss
Size: - Virtual size: 480B

.idata
Size: 2KB - Virtual size: 1KB

/4
Size: 512B - Virtual size: 28B