Behavioral task
behavioral1
Sample
9eecde7462127dc9ac0718a91f7024d0_NeikiAnalytics.exe
Resource
win7-20240215-en
General
-
Target
9eecde7462127dc9ac0718a91f7024d0_NeikiAnalytics.exe
-
Size
78KB
-
MD5
9eecde7462127dc9ac0718a91f7024d0
-
SHA1
effdda120b9ed225d77d9b73b1f4392be1431166
-
SHA256
da0017d77f1d1fa55a43e695f835579d875509dc71cc667a5f83666437d3c437
-
SHA512
4f8de1f437277dade32cc5dcbe88ecca6b19431d06a706d758f90a3970226ca8d82ca84a4adfcbffc84614363d8202405f9951402c81e32dc458935011b97816
-
SSDEEP
1536:/vQBeOGtrYS3srx93UBWfwC6Ggnouy8jb5DiLKrb6MxvMnl2/Aw:/hOmTsF93UYfwC6GIoutcKbtxNd
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 9eecde7462127dc9ac0718a91f7024d0_NeikiAnalytics.exe
Files
-
9eecde7462127dc9ac0718a91f7024d0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
vryeypb Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE