xmrig | ab2face7bcd99fb012b624b809226e80_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab2face7bcd99fb012b624b809226e80_NeikiAnalytics.exe
Size

2.2MB
MD5

ab2face7bcd99fb012b624b809226e80
SHA1

c053612d71b5c2ce4b6be56fa1fe5ca4586e6eab
SHA256

401005c53f4b752f232bdadaf25ed628c1746c7994b544919e38be6f7d89485e
SHA512

09b26708dd7bfaf2bb80d94e2f9747f4731ee1de488ebeddec75e3fe283f846715a7a318f03854ebe26d782c3290aea0c6712a70e6e7586eb7e922dbe7c50a21
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIQlqOdg/cyBB/k5Mm:BemTLkNdfE0pZrQr

Score

10^/10

miner upx xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab2face7bcd99fb012b624b809226e80_NeikiAnalytics.exe

Files

ab2face7bcd99fb012b624b809226e80_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 724KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE