b6fa510b26c700a93058c95782185200_NeikiAnalytics[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b6fa510b26c700a93058c95782185200_NeikiAnalytics.exe
Size

9.6MB
MD5

b6fa510b26c700a93058c95782185200
SHA1

5d97441b2568d0054a8adbcb3497b8b080b0a21f
SHA256

896d724ae5cc45d89c1e2feb2152fc6f3570b8764ed7aa1c4e941f298f13af77
SHA512

cd0163358c322930c9b8bf73f169c0d9518078c8834db376074cda69ffc424d3c9e4ad99c5d319b7fda22f4d51577cd454a3c7cb85b327a4b2103c29169a1361
SSDEEP

196608:nBIozVgzGOgd8t+QIWAGLjeO2YRUJRCkpDgnDm3z8T4uvrhf0B6HW1jZmLM8q:nCozV2GTYFIYJ2Ac1NgnDmwciMF

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
sample	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6fa510b26c700a93058c95782185200_NeikiAnalytics.exe

Files

b6fa510b26c700a93058c95782185200_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 601KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 132KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4.4MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 30KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 601KB - Virtual size: 1.1MB

Size: 132KB - Virtual size: 322KB

Size: 4.4MB - Virtual size: 4.5MB

Size: 30KB - Virtual size: 51KB

Size: 1.1MB - Virtual size: 1.1MB

Size: 2KB - Virtual size: 4KB

.imports Size: 2KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 171KB - Virtual size: 171KB

.themida Size: - Virtual size: 5.7MB

.boot Size: 3.2MB - Virtual size: 3.2MB

.reloc Size: 16B - Virtual size: 4KB

.imports
Size: 2KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 171KB - Virtual size: 171KB

.themida
Size: - Virtual size: 5.7MB

.boot
Size: 3.2MB - Virtual size: 3.2MB

.reloc
Size: 16B - Virtual size: 4KB