bebfbc6ee140181feb18737ae13b6470_NeikiAnalytics | Triage

Sharing

General

Target

bebfbc6ee140181feb18737ae13b6470_NeikiAnalytics
Size

343KB
MD5

bebfbc6ee140181feb18737ae13b6470
SHA1

159ff2080d8db5038a3d8058ae1422fae09c4da6
SHA256

e4bc1f3e42da5ba4724d74ee68099d8d7069956f9ce91a47575d417917b95bd1
SHA512

197a82dae4e7c9c7368eb434e5a65a860684e75e164d1a453bcc8bba49105ffe01ccb1969059303dfaa1d450cdfa13d914fa028c0b5bfff385b3d8cf6451c89f
SSDEEP

6144:YjluQoSPIo5R4nM/40yJNgzW2GVMJfzKDfIkpm7PxBSfCJCRT:YEQoSpqhcjG4zRkYz3J2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bebfbc6ee140181feb18737ae13b6470_NeikiAnalytics

Files

bebfbc6ee140181feb18737ae13b6470_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ktlju
Size: 512B - Virtual size: 4KB

.wu
Size: 512B - Virtual size: 4KB

.shik
Size: 512B - Virtual size: 4KB

.nbd
Size: 512B - Virtual size: 4KB