Behavioral task
behavioral1
Sample
a79b23cb810908a8f499421e19a22cb0_NeikiAnalytics.exe
Resource
win7-20240215-en
General
-
Target
a79b23cb810908a8f499421e19a22cb0_NeikiAnalytics.exe
-
Size
363KB
-
MD5
a79b23cb810908a8f499421e19a22cb0
-
SHA1
0962cf27925bf727c835933f2d35c49e0760ec84
-
SHA256
7bc9346d800ce1b1bcfde5fe104a3badd2fa9d4e196f6dc47646f4afed0f5a70
-
SHA512
eec7eed501a52a983db3f8585f63d11dd24631b27c683d0ab850423a3b39643383ea0e1c8b8f40a82d0b38fbb1d76abf1e20c064a32ada0029288dd8be7e00e5
-
SSDEEP
6144:9cm4FmowdHoSdSyEAxyx/ZrTTr4qIMgE8F:/4wFHoSQuxy3rTXIM18F
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource a79b23cb810908a8f499421e19a22cb0_NeikiAnalytics.exe
Files
-
a79b23cb810908a8f499421e19a22cb0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE