2f8815b884db0d5c8c8a1bb8f03e0b40_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f8815b884db0d5c8c8a1bb8f03e0b40_NeikiAnalytics.exe
Size

224KB
MD5

2f8815b884db0d5c8c8a1bb8f03e0b40
SHA1

4144ed7e984dd31c3a579f3db4b98deff3cf4bd0
SHA256

d789b4b2a3c3c23b15b45c72120d52e36e5ea39f1f7b7dd6c5272bf70ddc6836
SHA512

98a22fa4719d392e56cc6190eef20376484e8d40aade780fc1d9f1355efd9997931e98acf24237e249656e5630338a406efcf1e07820542df09a7dd9ceb8f52c
SSDEEP

6144:ukdNwB7Y3RaxE7aZTDUqhbEp+ZUXIcaj+:ukvaYhp72TQWbEp+ZUfai

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f8815b884db0d5c8c8a1bb8f03e0b40_NeikiAnalytics.exe

Files

2f8815b884db0d5c8c8a1bb8f03e0b40_NeikiAnalytics.exe
.exe windows:10 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE