541dbff2ed4e8fdcda83bd8a3ba1038ee7ccd185838309de82478296fbfa0ff6_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

541dbff2ed4e8fdcda83bd8a3ba1038ee7ccd185838309de82478296fbfa0ff6_NeikiAnalytics.exe
Size

40KB
MD5

0ac27be6b09389ef2e9b958b17e17f90
SHA1

59e466881fcbfe9b4e697dc00176f519d460e6bd
SHA256

541dbff2ed4e8fdcda83bd8a3ba1038ee7ccd185838309de82478296fbfa0ff6
SHA512

a0e2cf559cb1c0e892f4a3b3b45c0dd440fa503791421b0c4c5db3504cd305932ca12190b4128fd3a28e8e1717988ecf0b97bd5d22a837f2ec145243a176be01
SSDEEP

768:s3fko/XSjt6sp8F9bdHXtHs7CQpcdHoCCvc:ssht6a8F95NWee1vc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
541dbff2ed4e8fdcda83bd8a3ba1038ee7ccd185838309de82478296fbfa0ff6_NeikiAnalytics.exe

Files

541dbff2ed4e8fdcda83bd8a3ba1038ee7ccd185838309de82478296fbfa0ff6_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

8a0a5343feaaabb3dea2557cc7b45ead

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord517
ord518
ord593
ord594
ord598
ord520
ord631
ord632
ord526
EVENT_SINK_AddRef
ord528
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord606
ord607
ord608
ord717
ProcCallEngine
ord537
ord644
ord570
ord648
ord573
ord685
ord100
ord616
ord618
ord546
ord547
ord580

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ