4ad951daf6c7d77030442515c2ec0920_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ad951daf6c7d77030442515c2ec0920_NeikiAnalytics.exe
Size

10KB
MD5

4ad951daf6c7d77030442515c2ec0920
SHA1

ff0cace70dbfabff81267d3b683e27a16d247703
SHA256

1a4dcb917868f5841e3d71288c3cc72746216f74b27c554960c74ecd0033e7f8
SHA512

ae036db26ad177c1f8619dd55d1899a814f9af86e5d26b1414913a6265cd7c3e640c3ce0da98182217839b4c620c122363af70d3f85242f0a9b18e5446918d6b
SSDEEP

192:XbeEzS7saSxiepfKXzyduCw7v7Mn0kGP2d3Rj:X9zS7qxiOuv7qMP2d31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ad951daf6c7d77030442515c2ec0920_NeikiAnalytics.exe

Files

4ad951daf6c7d77030442515c2ec0920_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

c79af82976d2c4e9486f742d50fcd8fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gfil32

ord90
ord56
ord58
ord52
ord53
ord55
ord50
ord54
ord91
ord60
ord57

mfc42

ord5731
ord3922
ord2512
ord2554
ord1089
ord2396
ord3346
ord6375
ord4486
ord5199
ord5302
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord5300
ord4079
ord2985
ord3081
ord2976
ord4698
ord3830
ord3825
ord3079
ord4080
ord4622
ord4673
ord3738
ord561
ord825
ord815
ord800
ord858
ord4129
ord5683
ord537
ord5830
ord3727
ord802
ord2818
ord540
ord542
ord535
ord1085
ord823
ord924
ord4274
ord3831
ord3136
ord3262
ord4424
ord1168
ord1576

msvcrt

exit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_acmdln
__getmainargs
_controlfp
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
_setmbcp
_except_handler3

kernel32

WinExec
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ