64433295bdfae9dcd2ecb1986e45d460_NeikiAnalytics

General

Target

64433295bdfae9dcd2ecb1986e45d460_NeikiAnalytics
Size

107KB
MD5

64433295bdfae9dcd2ecb1986e45d460
SHA1

8be52426feb1acd29e8b52b69dc17f17721b5da4
SHA256

f06d7b152bb1357b9c6e27012c4941fa02bda3308817d2504ec0fd07437a0d2e
SHA512

3a2af19590c9fa6fce8f9270725140af3c5926c921b0a77c69ad9923e8dbc0cec3cfd1bf24d867ff7a600efb260433fe67592d5d6bf7cf1c5f3ee1b405767626
SSDEEP

1536:ZziipXCK1DtImKlOfULDZHcBkEhI1qhFIyqGDpKkuY0b+zWSB8V/mSl/aVLczPNf:Zzly2IpOYhtynYJAlBczPQ0NgASz

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
64433295bdfae9dcd2ecb1986e45d460_NeikiAnalytics
unpack001/out.upx

Files

64433295bdfae9dcd2ecb1986e45d460_NeikiAnalytics
.dll regsvr32 windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IASParmsQueryUserProperty

Sections

UPX0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 97KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 176KB

UPX1 Size: 97KB - Virtual size: 100KB

.rsrc Size: 9KB - Virtual size: 12KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 222KB - Virtual size: 222KB

.orpc Size: 512B - Virtual size: 57B

.data Size: 3KB - Virtual size: 5KB

.pdata Size: 10KB - Virtual size: 9KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 176KB

UPX1
Size: 97KB - Virtual size: 100KB

.rsrc
Size: 9KB - Virtual size: 12KB

.text
Size: 222KB - Virtual size: 222KB

.orpc
Size: 512B - Virtual size: 57B

.data
Size: 3KB - Virtual size: 5KB

.pdata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 2KB