c398e2d9121fabe3f19346288e2dba40_NeikiAnalytics

General

Target

c398e2d9121fabe3f19346288e2dba40_NeikiAnalytics
Size

969KB
MD5

c398e2d9121fabe3f19346288e2dba40
SHA1

ac92fb59e03b94bd2961b65416e61a8796936541
SHA256

818fc2e7b70267c825e15db27a733126db1231ae0e06c9a01f60f747fd177901
SHA512

b41ccc5f0f28168daeb2110609c75a9f6182d571e6a19fe9e55007ff8a980282da56fe37475d5b5ce6ebc7a7baf35e498e3f9373856650e8b9a08f37797a2a9b
SSDEEP

24576:pyW2TSWQ4jFq7pYQGgOb18PzsXEqOwU9gDGj240SJr4t+aNFdZ:p/34jFapy5kzIJ6a4B1KX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c398e2d9121fabe3f19346288e2dba40_NeikiAnalytics
unpack001/out.upx

Files

c398e2d9121fabe3f19346288e2dba40_NeikiAnalytics
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 968KB - Virtual size: 968KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 897KB - Virtual size: 896KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.4MB

UPX1 Size: 968KB - Virtual size: 968KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 812KB - Virtual size: 812KB

.rdata Size: 897KB - Virtual size: 896KB

.data Size: 65KB - Virtual size: 612KB

.pdata Size: 21KB - Virtual size: 21KB

.xdata Size: 512B - Virtual size: 180B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 15KB - Virtual size: 14KB

.symtab Size: 512B - Virtual size: 4B

UPX0
Size: - Virtual size: 1.4MB

UPX1
Size: 968KB - Virtual size: 968KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 812KB - Virtual size: 812KB

.rdata
Size: 897KB - Virtual size: 896KB

.data
Size: 65KB - Virtual size: 612KB

.pdata
Size: 21KB - Virtual size: 21KB

.xdata
Size: 512B - Virtual size: 180B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 14KB

.symtab
Size: 512B - Virtual size: 4B