8bf2a9965c44b3f71cba2b2d14ee7950_NeikiAnalytics[.]exe

General

Target

8bf2a9965c44b3f71cba2b2d14ee7950_NeikiAnalytics.exe
Size

95KB
MD5

8bf2a9965c44b3f71cba2b2d14ee7950
SHA1

43d9b9a078cd2edc0d916eefb7c010c85519471a
SHA256

ff8ca903fa77fd8e9e5e0fe78dbf411b3608bbf3579d1f2ae81a9f3bc114c892
SHA512

f0525d3209578b2a9893324db8a3c8e4784c6a0fc00910ec877f1f348ca4f9dee6254e9c3c18b7437a719fc13451dad25e8c67e7602172b8850689878917b564
SSDEEP

1536:MM45KvYnkl55E4MnzvroTiTt1FKGekWD0uL4/vQH:MGYnkl5m4Mbrnt1FKGekW0ZE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bf2a9965c44b3f71cba2b2d14ee7950_NeikiAnalytics.exe

Files

8bf2a9965c44b3f71cba2b2d14ee7950_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

4639b9594741710dadc3ab34c236d790

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\DataRecorder\HostRecorder\2008Project\DataRecorder\DataRecorderTest\NDRApp\exe\NDRApp.pdb

Imports

msvcr100d

_cexit
_amsg_exit
__FrameUnwindFilter

ndrdll

?NDRResumeRecording@NDRDLLFunctions@NDRDLL@@SAIPAX@Z
?NDRPauseRecording@NDRDLLFunctions@NDRDLL@@SAIPAX@Z
?NDRUDPPortReceiveEnable@NDRDLLFunctions@NDRDLL@@SAHU_UDPPortConfig_tag@@@Z
?NDRStopRecording@NDRDLLFunctions@NDRDLL@@SA?AU_RecordStatus_tag@@PAX@Z
?NDRStartRecording@NDRDLLFunctions@NDRDLL@@SAPAXU_RecordParams_tag@@I@Z

kernel32

QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcessId
Sleep

mscoree

_CorExeMain

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4639b9594741710dadc3ab34c236d790

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr100d

ndrdll

kernel32

mscoree

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 51KB - Virtual size: 50KB

.data Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 512B - Virtual size: 494B

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 51KB - Virtual size: 50KB

.data
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 494B