581844799a1e92e9507089dbc7191c9d162394a13e5e44d1307646a97126e749_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

581844799a1e92e9507089dbc7191c9d162394a13e5e44d1307646a97126e749_NeikiAnalytics.exe
Size

266KB
MD5

3d33790348b516f3c7cc91687d41f100
SHA1

8816b16eedf3fb5882e58ad4d5b730a2f0e9640b
SHA256

581844799a1e92e9507089dbc7191c9d162394a13e5e44d1307646a97126e749
SHA512

c3d3b3ff1b57f6a1b666dde97e4c6e8eda6177697dca02e77f40dc8758a912d8ad04588a413cf638c6f4af33c3f3872ca2d1c34a20d972230c41d9761bf6a005
SSDEEP

3072:/BSW1FTbL3G5Pu9fJTwIJpnjMmPfEmEaDlS4djM1hkVMv4GfDKJzBfQzDLZXe6hm:ZbispJTw+pImPfElaRSEuifQznJU9eg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
581844799a1e92e9507089dbc7191c9d162394a13e5e44d1307646a97126e749_NeikiAnalytics.exe

Files

581844799a1e92e9507089dbc7191c9d162394a13e5e44d1307646a97126e749_NeikiAnalytics.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\JenWA\workspace\ZCM_1141_CORE_WIN\client\systemupdate\SystemUpdateCore\obj\Release\SystemUpdateCore.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 264KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ