Behavioral task
behavioral1
Sample
b5ec551250661f81976b05fc3b349d70_NeikiAnalytics.exe
Resource
win7-20240221-en
General
-
Target
b5ec551250661f81976b05fc3b349d70_NeikiAnalytics.exe
-
Size
367KB
-
MD5
b5ec551250661f81976b05fc3b349d70
-
SHA1
64a266ef8803806778bce04eb1ad6f2ff556272d
-
SHA256
8333eb94e1de377d0b8bb58e36a3b559203193c3a3fe4f6e9424189fe56b357f
-
SHA512
f9d2892ec59106e54bd9678a0d998b66be57dc219a6a0fca547a7f7e8ec78819c308066dd55f8372e21733a81976d4881fc411fb771e32f085e7019609792e2f
-
SSDEEP
6144:kcm4FmowdHoSphraHcpOFltH4tiAlSpgFZAzwdjcIlSpgFZZr3GSM/x5z:y4wFHoS3eFplAlSpgFZAKjcIlSpgFZZ4
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource b5ec551250661f81976b05fc3b349d70_NeikiAnalytics.exe
Files
-
b5ec551250661f81976b05fc3b349d70_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE