a8bbe48fbd8f991f1639cec3249fb5f59a7511113633b638dc1d8f7648b82fe1_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

a8bbe48fbd8f991f1639cec3249fb5f59a7511113633b638dc1d8f7648b82fe1_NeikiAnalytics.exe
Size

320KB
MD5

9fccd9ac9278cbd7b4e326c6f2b8f790
SHA1

5b8f50f9b03f50bcc8562a536a7311acfdf6bb1b
SHA256

a8bbe48fbd8f991f1639cec3249fb5f59a7511113633b638dc1d8f7648b82fe1
SHA512

cca2ac94f51ae7062e54c100635683ac995f77989bebbfb311a79c4893998ede510f4582c32c9a1e1c19a0ec2a2eaa6c8e87f35abf374315fd6ed05b3a11c95b
SSDEEP

6144:yRR5rhZFQGrsUwF7vlPoSAsXotPbInkotXG+Zy4zRIVebSX51b/oL:yR5nWFpPoSAqtXDZTzRqt55wL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8bbe48fbd8f991f1639cec3249fb5f59a7511113633b638dc1d8f7648b82fe1_NeikiAnalytics.exe

Files

a8bbe48fbd8f991f1639cec3249fb5f59a7511113633b638dc1d8f7648b82fe1_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ