Behavioral task
behavioral1
Sample
875d267553a5cda9af76138a903cbe20_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
875d267553a5cda9af76138a903cbe20_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
875d267553a5cda9af76138a903cbe20_NeikiAnalytics
-
Size
152KB
-
MD5
875d267553a5cda9af76138a903cbe20
-
SHA1
0abe8bdaeabc97894cf12469ff44fd1a3f2a15d7
-
SHA256
33e217247a016a5c5a78321cff436b65d071e79203d208feec9762131e1dbc28
-
SHA512
42d9cb3faac15562dec29d332e2cc1e78222603e95e3bf735acd10e097022ef1fd71ad944a9423d601d06ed538cf1bc3144ce015bc3b0c72947e56379b26fb6d
-
SSDEEP
3072:kg/E2bN1pe/Jr+1ZKFVmOrBoip2r5t4UG9wUjRjJp:v/zbNCCumTyw5tAwUdNp
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 875d267553a5cda9af76138a903cbe20_NeikiAnalytics unpack001/out.upx
Files
-
875d267553a5cda9af76138a903cbe20_NeikiAnalytics.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 464KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 105KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 256KB - Virtual size: 256KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 245KB - Virtual size: 293KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE