26186d1f4bb62cfd0e98f28d0f8ec1961fa80da968615820b83b54b4e05caf86_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26186d1f4bb62cfd0e98f28d0f8ec1961fa80da968615820b83b54b4e05caf86_NeikiAnalytics.exe
Size

1.2MB
MD5

da5c1f70b8ffb12637e016802d288960
SHA1

f53ba980deefb6563cdb00a3cf651c906fc606f9
SHA256

26186d1f4bb62cfd0e98f28d0f8ec1961fa80da968615820b83b54b4e05caf86
SHA512

a1cb1a143b25de59529fda725d30ced2f2bf949c82a9a9d8b48624a14e0fd0f7831ffbb15c47df90e8f265f9680afd2ee99dff32c4db41bdb15d4baee5dc3fb1
SSDEEP

12288:+iZLB7/17yI0bYryN30FjhYNpNbLUOHwSnV/K7K8Vmhdc7ftH8wk2WMga/VZ1eL:lNb1mpYryVqupHdb/uDmABc1a/VZ1eL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26186d1f4bb62cfd0e98f28d0f8ec1961fa80da968615820b83b54b4e05caf86_NeikiAnalytics.exe

Files

26186d1f4bb62cfd0e98f28d0f8ec1961fa80da968615820b83b54b4e05caf86_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

62f205fe3d5e06c190cbad78ac9b9e4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pbvm90

ord137

kernel32

GetModuleFileNameA
FreeEnvironmentStringsA
LoadLibraryA
GetProcAddress
GetCommandLineA
GetCPInfo
IsDBCSLeadByte
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
GetACP
GetOEMCP
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
GetStringTypeA
VirtualFree
RtlUnwind
WriteFile
GetStringTypeW
HeapFree
HeapAlloc
VirtualAlloc

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ