60ba7ef44312b64e150fe9c1d2335bee93feab7e526b2edfa4949ce5bd74debc_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60ba7ef44312b64e150fe9c1d2335bee93feab7e526b2edfa4949ce5bd74debc_NeikiAnalytics.exe
Size

8KB
MD5

996567681dac13b21e9179ae1c23d0c0
SHA1

4c3f583ea1c57396caabdedf8027ba0220fa2aee
SHA256

60ba7ef44312b64e150fe9c1d2335bee93feab7e526b2edfa4949ce5bd74debc
SHA512

4e49cbbc52c35ec396fcccb331d956533d468ec778a980bc30f942023a51cd40b330ac2af9504905c05bcd73f8bb9e0540d84823781d794c3d0a038629d85c87
SSDEEP

192:vHQf/TSfmwRfPAawKaNtNNSd5Rz3ecQh:/QTSfmCfYawwd5d3C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60ba7ef44312b64e150fe9c1d2335bee93feab7e526b2edfa4949ce5bd74debc_NeikiAnalytics.exe

Files

60ba7ef44312b64e150fe9c1d2335bee93feab7e526b2edfa4949ce5bd74debc_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

a43050ac731aabdb2907334bc5be5e8e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetStdHandle
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
WaitForSingleObject
LoadLibraryA
lstrlenA
WriteConsoleA
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter

user32

MessageBoxA
wsprintfA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ