Behavioral task
behavioral1
Sample
cde3f969b78fcc20cd33b80b123e71a0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
cde3f969b78fcc20cd33b80b123e71a0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
cde3f969b78fcc20cd33b80b123e71a0_NeikiAnalytics
-
Size
898KB
-
MD5
cde3f969b78fcc20cd33b80b123e71a0
-
SHA1
8e33e84b3ce0fdf43705678d1c28c6322db63d0f
-
SHA256
de185780ec10f6997b19cbdbb584ba5e4df4fec2d5c914a4c163912c6e4f6b24
-
SHA512
f8634dbe3100f8cebdd2c0fdfb4fdaf069564a34c34248dfd1223d24e1b9e6f0f1d63f69e7ce2ca2426896fc79b333776cb701b93e963ab60a022d647e213ac1
-
SSDEEP
12288:VEQoSmB9ANtegnn/hAMI1+YucZw+rrFHmnUbvoFTVIiv7dwHGkyNELmFRTktpSqc:VM9ZgnJeJ7FHBbvoFR7eFoetVsIDg9
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cde3f969b78fcc20cd33b80b123e71a0_NeikiAnalytics
Files
-
cde3f969b78fcc20cd33b80b123e71a0_NeikiAnalytics.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.g Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.kxvu Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.psfx Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fpugn Size: 512B - Virtual size: 4KB