3dfd856ed981dd9c8eb6b39d40fd9650_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dfd856ed981dd9c8eb6b39d40fd9650_NeikiAnalytics.exe
Size

164KB
MD5

3dfd856ed981dd9c8eb6b39d40fd9650
SHA1

cee4f899ae8f62ed4d2f80face913bd592426c09
SHA256

a0782b3dc8c1f0200675df41b11f066ce82ee10731c31785430f5fde7fef63cc
SHA512

93d83fb1f549e66e4ec7e5e537b9cf2973a72a76439c38755a81485ad244b6db9c65e1229d509d288db65ad665274fc818d75cfac023000be4df922dc54f6983
SSDEEP

3072:3URwLNTJjKLw3AdppU6cO51MLfqY7hSpXSJMT+mzMLU4Fm1MyWmribIhA+:3CP5BL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dfd856ed981dd9c8eb6b39d40fd9650_NeikiAnalytics.exe

Files

3dfd856ed981dd9c8eb6b39d40fd9650_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\root\9f43385f\35dfbd2e\App_Web_lnzzm47s.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ