Behavioral task
behavioral1
Sample
b2739b7f6d1227761aefa9f256ed9970_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
b2739b7f6d1227761aefa9f256ed9970_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
b2739b7f6d1227761aefa9f256ed9970_NeikiAnalytics
-
Size
236KB
-
MD5
b2739b7f6d1227761aefa9f256ed9970
-
SHA1
9c3868075147e7815c13008b8e837a387387fa05
-
SHA256
58676e386e9d85c29873f52a803cfff142d56820c9213ccf16c9de0170ace24d
-
SHA512
cb9beebf23cad6e45c83de7251dd3bc5f655e0b69ba22d4d5041c0541ad873d3d05a5c279a14452cb0f543f27f32cec34986128c4a37bdaba5bf2c9476c152a5
-
SSDEEP
1536:WDusHJo0IHgL2AHfb1mzaFXg+xsukl4Y17jsgS/jHagQNuXGpeV1eT92NdTy2OBn:1ox6AHjYzaFXg+w17jsgS/jHagQg1E5
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b2739b7f6d1227761aefa9f256ed9970_NeikiAnalytics
Files
-
b2739b7f6d1227761aefa9f256ed9970_NeikiAnalytics.exe windows:4 windows x86 arch:x86
210081ca7cb0771b9f31a7245cedfafa
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord516
ord518
ord553
ord593
ord594
ord598
ord631
ord632
ord525
EVENT_SINK_AddRef
ord528
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord608
ord531
ord716
ProcCallEngine
ord537
ord645
ord570
ord576
ord685
ThunRTMain
ord616
ord617
ord618
ord619
ord542
ord543
ord544
ord545
ord546
ord547
Sections
UPX0 Size: 104KB - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE