xmrig | 91851c7a285815c914484c6dc22c94d0_NeikiAnalytics[.]exe | Triage

Sharing

General

Target

91851c7a285815c914484c6dc22c94d0_NeikiAnalytics.exe
Size

2.3MB
MD5

91851c7a285815c914484c6dc22c94d0
SHA1

1d11218a4998b6a6ca8b08bccf52cdaeb0313bf2
SHA256

56c62752cdbbb0003522307588b8df1d2170313b550225c0c6238ba7ca016602
SHA512

8a6ea2d00f1a5f796ab1d2cf4d9567703cf8e16765276d120b3af35ba9449c052165ca637ca4a79dc552735f69a10aa040f0ed5012ce003d56578a927945c244
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIQOYkZtgvrmRUugyBqOPc:BemTLkNdfE0pZrQ7

Score

10^/10

miner upx xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91851c7a285815c914484c6dc22c94d0_NeikiAnalytics.exe

Files

91851c7a285815c914484c6dc22c94d0_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 724KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE