76cdd52285cfcf201e603302ce7dae70_NeikiAnalytics | Triage

Sharing

General

Target

76cdd52285cfcf201e603302ce7dae70_NeikiAnalytics
Size

299KB
MD5

76cdd52285cfcf201e603302ce7dae70
SHA1

d18aec9f62d7e9608872b1e03a494211f8880aaa
SHA256

54af8c73c87e5479905a6c78b02a10c9f45c5ad71496116f8ec7f5b376b84b4a
SHA512

6ff4a1e8cd50ab80ddbbce54c18981ff3e02d1ea843a26edf67315776b70e9864d4bbf1d578ccd6f7f1ed875d7e2afd74e8ad2176cae35dc6053dfe76abdd18f
SSDEEP

6144:0jluQoSuIo5RZfxPxxvSHaU4CHQyH1LKrFgkBHD1ud3NMB+vBWB:0EQoSCV5xE6U4WQK1LKRpom

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76cdd52285cfcf201e603302ce7dae70_NeikiAnalytics

Files

76cdd52285cfcf201e603302ce7dae70_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ