Behavioral task
behavioral1
Sample
a28f8b1b77c473d40cbd24126057c790_NeikiAnalytics.exe
Resource
win7-20240221-en
General
-
Target
a28f8b1b77c473d40cbd24126057c790_NeikiAnalytics.exe
-
Size
401KB
-
MD5
a28f8b1b77c473d40cbd24126057c790
-
SHA1
ddebcc4087b10b9f22dd66b0ab8e50f634342725
-
SHA256
84e5f90c2df0a0a9672eeeeae569ecd3a1e4e86089917a65dc9ca78bbc7738a9
-
SHA512
837f8d665ffd28d06efd75df6cb17672e68c93ecbed5d80b1dea45ec9b55628e9fd44579a0e22e285a323440161cace55ce4d84abf9ee43844c2ee23de9078f3
-
SSDEEP
6144:kcm4FmowdHoSph3Ymu8wdHoSM05d34iWRbzami3e:y4wFHoS3zuxHoSTd34iWRhiu
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource a28f8b1b77c473d40cbd24126057c790_NeikiAnalytics.exe
Files
-
a28f8b1b77c473d40cbd24126057c790_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE