472f53cbd4100eab192967706c78c960_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

472f53cbd4100eab192967706c78c960_NeikiAnalytics
Size

585KB
MD5

472f53cbd4100eab192967706c78c960
SHA1

c76c8e85617fb80a3c4ff6fca1c4d7137356f68e
SHA256

9ff48734cd1037ce2c366d6951cfabfeba2fa045e598a2d5c7afeaf668506f75
SHA512

de68babb437380a5365887d1b17ddd046364218713b95e900f7957bfcdddc3f7c8bc715dd26daa65b7fcc5c77c3be569a82acafe14ce5594affde7b4dad54951
SSDEEP

12288:0EQoS94HdyFF9wh/AiY+6io1fq7FdjF4Y95dmqr1dq4gX1+Si:0yoS/mfd1kP595dtr1sf1+Si

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
472f53cbd4100eab192967706c78c960_NeikiAnalytics

Files

472f53cbd4100eab192967706c78c960_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ