bb524e3eb1eb6328cc3aba9341425010_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

bb524e3eb1eb6328cc3aba9341425010_NeikiAnalytics.exe
Size

52KB
MD5

bb524e3eb1eb6328cc3aba9341425010
SHA1

384ce58aebfc69009a80e3dfc7ab8ea599aa400a
SHA256

22756acfdec01f6f47e1763f427736761e91ac09d1656741124dc2763632483d
SHA512

e75f46f861abb78b934caff51b822c6bb28e8e18b7706b370e2f6f6cffd47c072e133162b93ce5a9f8890fd150fff2c9c777956c998527bf5c5213c8e425fe63
SSDEEP

1536:vMcQYte55zs091Zw9FAGDdJYipvwGf9ogjrgY:vMhAe5Zs091KI+JYixw49XjrD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
bb524e3eb1eb6328cc3aba9341425010_NeikiAnalytics.exe

Files

bb524e3eb1eb6328cc3aba9341425010_NeikiAnalytics.exe
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

.text
Size: 35KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IOSDWD
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE