neshta | c910bab0b6eee88b7ed0a6569fabc7e0_NeikiAnalytics | Triage

Sharing

General

Target

c910bab0b6eee88b7ed0a6569fabc7e0_NeikiAnalytics
Size

144KB
MD5

c910bab0b6eee88b7ed0a6569fabc7e0
SHA1

7aa55d6d14096033fe22ed37f646d5c41bc862b4
SHA256

1f72e3d8cd1882111202ee44fc85841d4c51b3f9b27957f89d8ede3eb4410121
SHA512

71f5eb06d365a07875c304b6658f796101c32ca227a481b3aeeadd1d45ab338d74f785c513d283aadd0ae040072d91eb5a65f7c706dd056d2e73a82864b6c10f
SSDEEP

3072:sr85CquaJG4vlP6k4qmKjfHYToEcSJ9sfQvTg:k9RaJFvlP1jgTtJ4QvTg

Score

10^/10

neshta

Malware Config

Signatures

Detect Neshta payload 1 IoCs

resource	yara_rule
sample	family_neshta

Neshta family
neshta

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c910bab0b6eee88b7ed0a6569fabc7e0_NeikiAnalytics

Files

c910bab0b6eee88b7ed0a6569fabc7e0_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 42KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ