Behavioral task
behavioral1
Sample
b4b3a802bf95b51eda108e182e1f4990_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
b4b3a802bf95b51eda108e182e1f4990_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
b4b3a802bf95b51eda108e182e1f4990_NeikiAnalytics.exe
-
Size
2.6MB
-
MD5
b4b3a802bf95b51eda108e182e1f4990
-
SHA1
b445fc6a505d7dfe43d6353cfdf190caa8686734
-
SHA256
33c6544d2c58e1c16a4ab6bf1fc8dcf3857d707fa1ef1c0f491d329e8c63bc51
-
SHA512
dd80b3e242873e20f9857d8ba26c9da8f867c8b3d8505c60713a2715c7766fd8c5c7bb7c8be82c3b3daef9542f5ea187d4d797df73b65c00c737212753362758
-
SSDEEP
49152:BezaTF8FcNkNdfE0pZ9ozt4wINF/Y2jSzU0O+m+A:BemTLkNdfE0pZrl
Malware Config
Signatures
-
XMRig Miner payload 1 IoCs
resource yara_rule sample xmrig -
Xmrig family
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b4b3a802bf95b51eda108e182e1f4990_NeikiAnalytics.exe
Files
-
b4b3a802bf95b51eda108e182e1f4990_NeikiAnalytics.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 724KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE