37256b90d162dfa4455d5ee902bfed5e25e203d0bda1f684bc7c42a5b2538085_NeikiAnalytics[.]exe

General

Target

37256b90d162dfa4455d5ee902bfed5e25e203d0bda1f684bc7c42a5b2538085_NeikiAnalytics.exe
Size

7KB
MD5

7ca14ce771bb055f89f11d7335478290
SHA1

f8a61f7ddbed795aa1c5a1754c0efbddd1898cdc
SHA256

37256b90d162dfa4455d5ee902bfed5e25e203d0bda1f684bc7c42a5b2538085
SHA512

349812b7729a6877c5a90c36b31586df30ac42be2edd64b1592462a0775fffd4fc588bc3db9ef5a3bb7b59e4b561e776a2dddb9c957e514e0ca353aac0b9ae2a
SSDEEP

192:V2s0mszshsks9s2sbsYszbu1ksiVznFRZ7dt/2ON2X2HRFnLt9PnAS:V2aagdIjGtziVFRZ7dt/2ON2X2HRFnLL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37256b90d162dfa4455d5ee902bfed5e25e203d0bda1f684bc7c42a5b2538085_NeikiAnalytics.exe

Files

37256b90d162dfa4455d5ee902bfed5e25e203d0bda1f684bc7c42a5b2538085_NeikiAnalytics.exe
.dll windows:6 windows x64 arch:x64

1ab737ee7685db37f11d09c73cca5cc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Develop\One-Core\Output\Output-MSVC-amd64\msvc_pdb\Debug\api-ms-win-core-winrt-string-l1-1-1.pdb

Imports

ntdll

DbgPrint
RtlRaiseException

Exports

Exports

HSTRING_UserFree
HSTRING_UserFree64
HSTRING_UserMarshal
HSTRING_UserMarshal64
HSTRING_UserSize
HSTRING_UserSize64
HSTRING_UserUnmarshal
HSTRING_UserUnmarshal64
WindowsCompareStringOrdinal
WindowsConcatString
WindowsCreateString
WindowsCreateStringReference
WindowsDeleteString
WindowsDeleteStringBuffer
WindowsDuplicateString
WindowsGetStringLen
WindowsGetStringRawBuffer
WindowsIsStringEmpty
WindowsPreallocateStringBuffer
WindowsPromoteStringBuffer
WindowsReplaceString
WindowsStringHasEmbeddedNull
WindowsSubstring
WindowsSubstringWithSpecifiedLength
WindowsTrimStringEnd
WindowsTrimStringStart

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ab737ee7685db37f11d09c73cca5cc7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 2KB

.pdata Size: 512B - Virtual size: 108B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 2KB

.pdata
Size: 512B - Virtual size: 108B

.rsrc
Size: 1KB - Virtual size: 1KB