4c0954731406aee867950d5c902c3ba0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

4c0954731406aee867950d5c902c3ba0_NeikiAnalytics.exe
Size

40KB
MD5

4c0954731406aee867950d5c902c3ba0
SHA1

21494bcd9e13519f922105d0faa828a5d8949c40
SHA256

cd2a74d5759a886f52e9f6e52b2ffc7a0bc2a80b0f62ca26358e25117f0111d3
SHA512

b8491ac5c33ea4819c5ca72317cfe64c62fa6d63685791b52dd6f1264f3228561a8a7bc34bfd7f437e25a29ff468e83c3e29004e1ea4faa65c598e750f15f4c2
SSDEEP

384:5pUJTSsSL/OLgXzkMfITwDYizbaz7dt7fVflCOCCyTpQ1iCxlzCIl7Xk9Y:5psSsSOcXzk4I0FanfEuZhx4IlrA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c0954731406aee867950d5c902c3ba0_NeikiAnalytics.exe

Files

4c0954731406aee867950d5c902c3ba0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

2cf21a299aa3613c237e87bf16192e36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleFileNameA
CloseHandle
CreateProcessA
SetStdHandle
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCPInfo
GetACP
GetOEMCP
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
HeapReAlloc
GetLastError
SetFilePointer
GetProcAddress
FlushFileBuffers

shlwapi

PathFileExistsA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE