xmrig | 174143b9bea29f93fed7b937de9eac40_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

174143b9bea29f93fed7b937de9eac40_NeikiAnalytics.exe
Size

1.9MB
MD5

174143b9bea29f93fed7b937de9eac40
SHA1

90fb9340a61224d6b9cee876affdbf3431cb3915
SHA256

87ce716f41e0fdd388d55d2e6730aa6c7aa1a242e959e5bdb148eeac1913d177
SHA512

0ee4b17f874b4e5b6e2b4c99eaa717d1e4cf4dda3a3ee2851da43ff20906ca0f70abc5e089936a4154737f8f00ec4b9e68b2d59bbed707445266202db2a2cd55
SSDEEP

49152:oezaTF8FcNkNdfE0pZ9ozt4wIQw5UP6QtRs1:oemTLkNdfE0pZrQU

Score

10^/10

miner upx xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
174143b9bea29f93fed7b937de9eac40_NeikiAnalytics.exe

Files

174143b9bea29f93fed7b937de9eac40_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 724KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE