xmrig | 71de1705ff0883e0414fc9d84d1bc470_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71de1705ff0883e0414fc9d84d1bc470_NeikiAnalytics.exe
Size

1.7MB
MD5

71de1705ff0883e0414fc9d84d1bc470
SHA1

8256a2d9c6de6103d1987a4e81ac43094b1e95ef
SHA256

af52dbeeb7c9cee3e6d0f6f7dcfe31cf91dac0f4f43c3b20a37d7a45c3718f3a
SHA512

48277a9dd24068d05df1a0d46d7c8b72dc6b299945c402410455f6ee92e9d10ed7f8d9b929c4e28a2ef244b5c4aa0c5cf3b9398c022ce653ddf382464514d863
SSDEEP

49152:GezaTF8FcNkNdfE0pZ9oztFwIRxj4c5yOBQhRnMizN/:GemTLkNdfE0pZau

Score

10^/10

miner xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71de1705ff0883e0414fc9d84d1bc470_NeikiAnalytics.exe

Files

71de1705ff0883e0414fc9d84d1bc470_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT_CN
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ