ae524facfde67b4aa72eaff5db020220_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae524facfde67b4aa72eaff5db020220_NeikiAnalytics.exe
Size

461KB
MD5

ae524facfde67b4aa72eaff5db020220
SHA1

ac24c33cf125f5fcd09c6edbb0e9c5feae96eb71
SHA256

cada9019d05acd2d5aeaebaf3a0ec01a15db101ff2d4667718788598e448be01
SHA512

c0314e7abe678dc145a30e18d0fbd6606b690fa5275666993b5ca23eaa9807c81a757be280c5fb342f521b243bfc4fab375f9cc76302cf3bfd31bfede5e41144
SSDEEP

12288:Mn/BwqU52PJvdhyqkuBqUkGBqqqqqYKqq6qqqqqyqqqqqqaqqqqqqqqq4g61h5qU:Mv2VN7wHe01nK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae524facfde67b4aa72eaff5db020220_NeikiAnalytics.exe

Files

ae524facfde67b4aa72eaff5db020220_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

13d85cdeb0cad5aa6ebd76c861b356bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetWindowsDirectoryW
SetThreadExecutionState
DebugActiveProcess
FlushFileBuffers
GetVolumeNameForVolumeMountPointA
GlobalCompact
VirtualUnlock
SetConsoleTitleA
ReleaseSemaphore
WriteConsoleW
GetConsoleWindow
GetModuleHandleA
ReadProcessMemory
VirtualProtect
VirtualQuery
FreeConsole

mprapi

MprInfoBlockSet
MprAdminConnectionGetInfo

msvcrt

iswctype
memset
memcpy
wctomb

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ