cf55f0ef8dc7df2c709343a7f63e37c0_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf55f0ef8dc7df2c709343a7f63e37c0_NeikiAnalytics.exe
Size

224KB
MD5

cf55f0ef8dc7df2c709343a7f63e37c0
SHA1

9855508c879f9a0f3b0d315cfc0fb28b394f7517
SHA256

439a185c330aff1fa69e6a5fc791dbae803234066678c6edbe8fa734bae0ce7e
SHA512

f52f31811ef6ec84ff6bc8c1bc9f60aee58f7a74d295fb31542912c506f570a95d3e5ee496277350d00e5f11ce93a7d2656389917eb75fbf299f8148213ca059
SSDEEP

6144:SjluQoSKIo5R8bNdZzDmL7RtmoLquFdzO0BwFQ:SEQoSeYmLBPBvp

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf55f0ef8dc7df2c709343a7f63e37c0_NeikiAnalytics.exe

Files

cf55f0ef8dc7df2c709343a7f63e37c0_NeikiAnalytics.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i
Size: 512B - Virtual size: 4KB