8ea524f8910875b3f2d5aaf84bf682a0_NeikiAnalytics

General

Target

8ea524f8910875b3f2d5aaf84bf682a0_NeikiAnalytics
Size

209KB
MD5

8ea524f8910875b3f2d5aaf84bf682a0
SHA1

f01a92a4a945e5035ce262baced5b35adf168e49
SHA256

0964e73ee39a6845ec38978680bf2695d7a41641cf8b37bdd3a7dfff9276eb45
SHA512

ca90aaedd817ca57b7abe4b8e4ad1ace961c90c235f3928fd3e890009311c8501f7ecb2408e2d11c85905eff4c3307f688598ae412c50a772cfd68beab90781e
SSDEEP

3072:1UyrJCR2lsOnzF1HULnoH0ZoLk3lMuTotxE7e6iTXCVjmIm5ag0ECVMb5EBNDX:CyQ2u6e780plM/0AC0Im57fbU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8ea524f8910875b3f2d5aaf84bf682a0_NeikiAnalytics
unpack001/out.upx

Files

8ea524f8910875b3f2d5aaf84bf682a0_NeikiAnalytics
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 512KB

UPX1 Size: 206KB - Virtual size: 208KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 210KB - Virtual size: 209KB

.rdata Size: 54KB - Virtual size: 53KB

.data Size: 8KB - Virtual size: 285KB

.rsrc Size: 116KB - Virtual size: 116KB

.reloc Size: 30KB - Virtual size: 30KB

UPX0
Size: - Virtual size: 512KB

UPX1
Size: 206KB - Virtual size: 208KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 210KB - Virtual size: 209KB

.rdata
Size: 54KB - Virtual size: 53KB

.data
Size: 8KB - Virtual size: 285KB

.rsrc
Size: 116KB - Virtual size: 116KB

.reloc
Size: 30KB - Virtual size: 30KB