Behavioral task
behavioral1
Sample
e2c5b7ea01deb2fd21859fd58c3cf4f0_NeikiAnalytics.exe
Resource
win7-20240508-en
General
-
Target
e2c5b7ea01deb2fd21859fd58c3cf4f0_NeikiAnalytics.exe
-
Size
537KB
-
MD5
e2c5b7ea01deb2fd21859fd58c3cf4f0
-
SHA1
ad7db572d2aa10d82fbd4609cf15f14484e1c7dd
-
SHA256
f6e54a24dfbfad59920a59fcdb8b0056b8c92f920b9908ac3e31af09793dc35f
-
SHA512
bd0c585cdb3bceeb5f81171789062dec8be93f3c46e42988a4fc13fc20d7238bb2aa7b4a92d6cbb9906c9a99b804058ecd6dccf573c2e1fc1465da98461e9182
-
SSDEEP
12288:y4wFHoS3eFp3IDvSbh5nP+UbGTHoSouKs8N0u/D6vIZd:HFp3lzZbGa5sod
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e2c5b7ea01deb2fd21859fd58c3cf4f0_NeikiAnalytics.exe
Files
-
e2c5b7ea01deb2fd21859fd58c3cf4f0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE