Behavioral task
behavioral1
Sample
8be482bcf68d63264a05be9609c947d0_NeikiAnalytics.exe
Resource
win7-20240419-en
General
-
Target
8be482bcf68d63264a05be9609c947d0_NeikiAnalytics.exe
-
Size
504KB
-
MD5
8be482bcf68d63264a05be9609c947d0
-
SHA1
f77f6a0bca5cc8ca6dc61b2879c0206223218d6e
-
SHA256
aa59eb46bae7e3596d4077f90d0e761347f231483a381b12c63e81a54381eef5
-
SHA512
482e93c2fd1fe301b2d3a74ae069be0916aae96010cc99e8ec82f7fc60a485eb25e860dd22d1039bab928d05e12785c39d9288cf64c1a07be18fc1e0f3bf0f51
-
SSDEEP
12288:tPmTkT0+nXTv1d5Jo/H4a6ZeUOHFVS9Qg:Vmo4IXhd81rS
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Processes:
resource 8be482bcf68d63264a05be9609c947d0_NeikiAnalytics.exe unpack001/out.upx
Files
-
8be482bcf68d63264a05be9609c947d0_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 116KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 475KB - Virtual size: 476KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 76KB - Virtual size: 74KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 504KB - Virtual size: 500KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ