18c24e92b48141ab208934e93e7d3dc57aeeb691494b60e47251a980f163d028_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18c24e92b48141ab208934e93e7d3dc57aeeb691494b60e47251a980f163d028_NeikiAnalytics.exe
Size

3KB
MD5

97e425997b38df9cc29020c6bf90d7f0
SHA1

5689065f957ead5ffdeb70c19a04d69fd9a142cc
SHA256

18c24e92b48141ab208934e93e7d3dc57aeeb691494b60e47251a980f163d028
SHA512

bf55c40c82262c1c80cb37003d43e6d241982fb9610b41d3c9fcdd020f7038959139b0fb6b34d3ff813f362994196b6f33ce13ef56ffcacfe10a7d6a0f4b3ac1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18c24e92b48141ab208934e93e7d3dc57aeeb691494b60e47251a980f163d028_NeikiAnalytics.exe

Files

18c24e92b48141ab208934e93e7d3dc57aeeb691494b60e47251a980f163d028_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress

Exports

Exports

?rundll@@YGXPAUHWND__@@PAUHINSTANCE__@@PBDH@Z
rundll32

Sections

.text
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 319B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ