3283b94f0603b0c221cef6e0f958c890_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3283b94f0603b0c221cef6e0f958c890_NeikiAnalytics
Size

1.2MB
MD5

3283b94f0603b0c221cef6e0f958c890
SHA1

50dfd3ef711f2a6dfebe3aa3e49d99ff44e7f93d
SHA256

4a16c2f61d5ebf5bb61d98a812b7f57e0364a5557eecbf5bba176a2fefbec16c
SHA512

78df2b78b5f4a4a22a9b714fca57a4885fbb45144bd7234fd837fb33d2c7e7f9579eade8d5d7208778ec4a776f0ea46a4bba848c1f9db65428c57406cb6170f8
SSDEEP

24576:Yice6EtB7vKvu6G4oMG+3djLgeCpNX4Vuk1kcuUtJGqX:xBlXMG2dvgeCTZAhGqX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3283b94f0603b0c221cef6e0f958c890_NeikiAnalytics

Files

3283b94f0603b0c221cef6e0f958c890_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ktlju
Size: 512B - Virtual size: 4KB

.wu
Size: 512B - Virtual size: 4KB

.shik
Size: 512B - Virtual size: 4KB

.nbd
Size: 512B - Virtual size: 4KB