d3cb84c0b1d729f9613e458a888a2060_NeikiAnalytics | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3cb84c0b1d729f9613e458a888a2060_NeikiAnalytics
Size

2.0MB
MD5

d3cb84c0b1d729f9613e458a888a2060
SHA1

7224f16b3dd15d670eac9a000050b90cd3e88c77
SHA256

eb8df5bc70a5ec6649d65c29c9e50932f03d3def1ce82e82d156405904a8d400
SHA512

d89c4cc6e3c4205023c8583ceddbc0de60235d15dccd38d5c5463627b97e6b6e4eb24431c6b6cc79b1e18cbdae3da2e93f7d1288c8a64fb0e0c7438fa8e702ef
SSDEEP

49152:5xehyEosVWvzpZsNPDCHaYh6mkUsY53apjg44cVStECMEst:5IFfOa5v0kmcVS2t

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3cb84c0b1d729f9613e458a888a2060_NeikiAnalytics

Files

d3cb84c0b1d729f9613e458a888a2060_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE