299d388c83036bdf26872f955e0ef6f7f3f1a50ea196487dbeddefcdc81433d0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

299d388c83036bdf26872f955e0ef6f7f3f1a50ea196487dbeddefcdc81433d0_NeikiAnalytics.exe
Size

48KB
MD5

9db9ca97f66f88be818a02ac427b3040
SHA1

98542f7f287f39dd7cfa2c72f0ed1a378052c532
SHA256

299d388c83036bdf26872f955e0ef6f7f3f1a50ea196487dbeddefcdc81433d0
SHA512

41dfd9e43886725de6bfb535dd6212859ac55d4bd87753f96e097bf50769b5716f6ea5ed95b1b9d1765e1962fa6588dae548aa3a35eb3a1ea0ef400e89d4fca3
SSDEEP

768:zGoIt2yocUXIrdmrBmsVjjNfNQfMuVWzz+E7/02:ry1UXF91lFr02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
299d388c83036bdf26872f955e0ef6f7f3f1a50ea196487dbeddefcdc81433d0_NeikiAnalytics.exe

Files

299d388c83036bdf26872f955e0ef6f7f3f1a50ea196487dbeddefcdc81433d0_NeikiAnalytics.exe
.dll regsvr32 windows:4 windows x86 arch:x86

93eb3769f33f8ec34ce8fb48b5c9eabc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvbvm60

MethCallEngine
ord626
ord519
ord595
ord305
ord631
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord311
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord313
ProcCallEngine
ord685
ord101
ord102
ord103
ord104
ord105
ord616
ord617
ord618
ord546

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ