ce847058940eff0451ef2e5bc19b4fe0_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce847058940eff0451ef2e5bc19b4fe0_NeikiAnalytics
Size

1.4MB
MD5

ce847058940eff0451ef2e5bc19b4fe0
SHA1

81638d6824d48b18146274200dba334af5acae5d
SHA256

b1601fce01c8751c0992b8b0e5c89b7a945245d649b5fdca247e2bb99988f162
SHA512

bd3fcda103f2c9f643b1aeec2d2aec70039001206ef4798093b99bfca2064163cff741a7b47ad2dbdbc66b9857adad0413e87d14e9601980bd6628c1dd6ecef4
SSDEEP

24576:JBKC4UmLfPbWejvb1JnQwo4oWUsx33WY7HokC8hizV2L1e6sgDF7:Ph4NtjQbmlvD4V2LPso

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce847058940eff0451ef2e5bc19b4fe0_NeikiAnalytics

Files

ce847058940eff0451ef2e5bc19b4fe0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btnj
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE