Static task
static1
Behavioral task
behavioral1
Sample
aec009724ba208376f91cbfafd60db1e965f9016f17f14bfb3b074dde1f6ae28.exe
Resource
win7-20240221-en
General
-
Target
3969991942bb5b6130977411ae258ab8_NeikiAnalytics
-
Size
19.4MB
-
MD5
5eb9fd6252a47041f94daa9bb8bb7f8f
-
SHA1
f373d4d9011fb66ee729b3a0c52155aff12dd1e4
-
SHA256
a61ecbd90edbc5cc26ed5bc4ab6064ed7ae966cbf517674458d1823746df2bfd
-
SHA512
caf70f3391e5cf2d14a41ab54e0bacc7467f5bf1c9acd4907bc1a7a189298c2d5aa38b0cd5a6298371b9c1cb01d7902f140d7917f3896fd2c27780c3034a6820
-
SSDEEP
393216:b2nPPTBq8TeGnUvaeRNwm6+aQ7HjsG/i6hZPV6gWVd74dQ+2yXUX9STE0B2Xqpf:U7Bs/Nj6+njsH6/M52Q+2a+9SnwXGf
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/aec009724ba208376f91cbfafd60db1e965f9016f17f14bfb3b074dde1f6ae28.exe
Files
-
3969991942bb5b6130977411ae258ab8_NeikiAnalytics.zip
Password: infected
-
aec009724ba208376f91cbfafd60db1e965f9016f17f14bfb3b074dde1f6ae28.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 19.6MB - Virtual size: 19.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 245KB - Virtual size: 245KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ