Behavioral task
behavioral1
Sample
05de1d0cd008069706769119b066c4b0_NeikiAnalytics.exe
Resource
win7-20240221-en
General
-
Target
05de1d0cd008069706769119b066c4b0_NeikiAnalytics.exe
-
Size
381KB
-
MD5
05de1d0cd008069706769119b066c4b0
-
SHA1
34a0b5eebbb3e6a17c305d9e8f9272475a717013
-
SHA256
3628df5a941f5564535474efbbfe92ea4882d699ca40bef75265cefb44088b18
-
SHA512
bb1efe8d6376d762fb6d019e93acd0b249363160d16999bb1895c18e23396b3435432716e39fbd948ead100d30d6e15dc0483f7b42fb49e270b864ef3fcd3b5b
-
SSDEEP
6144:kcm4FmowdHoSphraHcpOaKHpSwp9OD0IbswYTr:y4wFHoS3eFaKHpNKbbswer
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 05de1d0cd008069706769119b066c4b0_NeikiAnalytics.exe
Files
-
05de1d0cd008069706769119b066c4b0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE