2b6c633cda61f56b6d8e6152af9bc0ada7c2aa2c331f9f5e0314d588adf4d3cb_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b6c633cda61f56b6d8e6152af9bc0ada7c2aa2c331f9f5e0314d588adf4d3cb_NeikiAnalytics.exe
Size

5KB
MD5

b666e237393be8e7b92985bc21661b00
SHA1

ba7d39b4bc16803441175fd016b5ff6f15ffd05b
SHA256

2b6c633cda61f56b6d8e6152af9bc0ada7c2aa2c331f9f5e0314d588adf4d3cb
SHA512

61565909ad69894d168a9b3b00a32b724de64a62f03daa7ae8e1dc8790272f96dcbcfa1efdbe39060c9cd101f9e2dfd0ff3c1692b30378fc53301f4ce1a0644c
SSDEEP

96:ZpHqFReXTCJSRgElzNvNZMtiRunPXjdk07k++VfFGsl:7qT6GJShltqPV+tFhl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b6c633cda61f56b6d8e6152af9bc0ada7c2aa2c331f9f5e0314d588adf4d3cb_NeikiAnalytics.exe

Files

2b6c633cda61f56b6d8e6152af9bc0ada7c2aa2c331f9f5e0314d588adf4d3cb_NeikiAnalytics.exe
.exe windows:1 windows x86 arch:x86

bcc474361b28d7bba2f011670607cab9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

clbr19

__LpCmdLine
__LpPgmName
__NewExceptionFilter_
____Argc
____Argv
___process_fini
exit_
free_
malloc_

ed_tcplk

iMod_tcpConnection_
tcpCmdAdd_
tcpCmdMake4Send_
tcpConnectAll_
tcpSlotEmu_

ed_kern

_exitProg
_linked_pc
_optStartFromParent
_tcpDefClientPort
_tcpDefServerPort
_tcpMakeConnection
_tcpOn
_trcOption
deinit_all_
iMod_Memory_
moduleAddFun_
optClose_
optFindStrEx_
optGetLeftCmdEx_
optInit_
optPrintSep_
optPrint_
optSetModule_
xwPrintf_

Sections

AUTO
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ