2b23a6ea719c76d880f513631d368430_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b23a6ea719c76d880f513631d368430_NeikiAnalytics.exe
Size

34KB
MD5

2b23a6ea719c76d880f513631d368430
SHA1

b0bf3ce6a0340de642076488a8cf057d8bf3d42b
SHA256

f04aad7a0126ac9336f2547ea84883cab716325d9d18e4ba87184e3ad7a350e3
SHA512

16284abb6378f7e89ccb66655ac00954884a6f3be68773299420808a5f4b0ceb36232c9aa3d342ebf9b10f1fb7923393e9a53c532d9d748932097a186f2f70de
SSDEEP

384:Oj/3On5QCMUWTSjuTB3tHER4RWaDW7R2tx7PdR3wqIKl6Lar:Ojf3XB9JwL7RCZRA6

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2b23a6ea719c76d880f513631d368430_NeikiAnalytics.exe
unpack001/out.upx

Files

2b23a6ea719c76d880f513631d368430_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ