Behavioral task: behavioral1
Sample: 1b262949a7bf7a7016d294b5027832ff424cfe0e4464f296a1c0d25f270acb1a_NeikiAnalytics.exe
Resource: win7-20240508-en
General
- Target: 1b262949a7bf7a7016d294b5027832ff424cfe0e4464f296a1c0d25f270acb1a_NeikiAnalytics
- Size: 1.9MB
- MD5: 0023ee8a4a4b3d49f1cdaf3b5a4c3f20
- SHA1: a380b20015941e3d446d8269f86a2e7039b0cbef
- SHA256: 1b262949a7bf7a7016d294b5027832ff424cfe0e4464f296a1c0d25f270acb1a
- SHA512: 72bd04040ba1408240f0912f719e8c899c0afbfc62dc2514a0a62a4401fc58185c734d4b95622920452f45ba3c763a8e11175c3d31659522170833da5ca82fe7
- SSDEEP: 49152:BezaTF8FcNkNdfE0pZ9ozt4wIlMmSdp2Pwf:BemTLkNdfE0pZrG
Malware Config
Signatures
- XMRig Miner payload (1 IoCs)
  resource: sample, yara_rule: xmrig
- Xmrig family
- resource: sample, yara_rule: upx
- Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: 1b262949a7bf7a7016d294b5027832ff424cfe0e4464f296a1c0d25f270acb1a_NeikiAnalytics
Files
- 1b262949a7bf7a7016d294b5027832ff424cfe0e4464f296a1c0d25f270acb1a_NeikiAnalytics.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 724KB - Virtual size: 3.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 272KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE