Behavioral task
behavioral1
Sample
0160850753314f2f1df826cfb42b17a0_NeikiAnalytics.exe
Resource
win7-20240221-en
General
-
Target
0160850753314f2f1df826cfb42b17a0_NeikiAnalytics
-
Size
2.7MB
-
MD5
0160850753314f2f1df826cfb42b17a0
-
SHA1
356db1d6e6bd20499fd52265059df46a4321f9e6
-
SHA256
90e26811b90f1afb958293a8e55049ad058844ced2ae8e58519118debfeacac0
-
SHA512
b55d701d1084953fb3b640c3baef6e66b2a38bd4754b98d532c11ff8ebaa67fff712538093c1a64ec6708780b7a2a045fbca01eee56ebf080de52830845704be
-
SSDEEP
49152:N0wjnJMOWh50kC1/dVFdx6e0EALKWVTffZiPAcRq6jHjcz8DzHUJ8Y9c3t2zSq:N0GnJMOWPClFdx6e0EALKWVTffZiPAcG
Malware Config
Signatures
-
XMRig Miner payload 1 IoCs
resource yara_rule sample xmrig -
Xmrig family
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0160850753314f2f1df826cfb42b17a0_NeikiAnalytics
Files
-
0160850753314f2f1df826cfb42b17a0_NeikiAnalytics.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 1.3MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 525KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE