3c37814bb68f63b76151c1ae26431460_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c37814bb68f63b76151c1ae26431460_NeikiAnalytics
Size

1.6MB
MD5

3c37814bb68f63b76151c1ae26431460
SHA1

7ba4e2d53cc569ec7ce67bd658333eef077d6c01
SHA256

471b57730c2680e5a891ae173883286b21a980c53d6cdfc60d0a11a0a665f9e5
SHA512

e9b1432215c4b6af9d0670c590c92fae2cbf8acf4b2d12c4c4eaa36b85bff2170481ff63c47c4bf3e012b3bf69ba6e93f86529f9c0e42b06fa69c4592125ee23
SSDEEP

24576:SxIGVdMPqvwlpsLGy3isxhP/8mbB+94q80hgwtv1AC4zQDtUPxbppn3LARkpLJBL:sTVdFpLGyd7bj9w3AaD4xn77t9B

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c37814bb68f63b76151c1ae26431460_NeikiAnalytics

Files

3c37814bb68f63b76151c1ae26431460_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i
Size: 512B - Virtual size: 4KB