1e81f67f4b6e506b5b3684ce04b63a40_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e81f67f4b6e506b5b3684ce04b63a40_NeikiAnalytics.exe
Size

500KB
MD5

1e81f67f4b6e506b5b3684ce04b63a40
SHA1

12ccd29732d7e31ab1813e25250d55a165dd9c5a
SHA256

b858674c89d9583e6b7911fa2e96881c333f22ed5afa8897dedfab7fd6e22298
SHA512

838230ad455eb3ca0332509920c2253094ba3bd19998ee1ff8228ff2643a29e91865d2b0ee59d35b392ef3841e6d07a8afb5e054d4347e333aae592e9c661c2b
SSDEEP

6144:FB3mndoBXs/K5tyRz1NlJFGOVDVfA+Au0nGCLkCkMvgXk+RxxNUReniAMtDewrk:FK48/Kbk7tbfAru0nGBAwHRvNJqt1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e81f67f4b6e506b5b3684ce04b63a40_NeikiAnalytics.exe

Files

1e81f67f4b6e506b5b3684ce04b63a40_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Evyn\My Documents\Visual Studio 2005\Projects\Coronavirus\obj\Release\wordpad.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ