Behavioral task: behavioral1
Sample: 06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: 06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
Resource: win10v2004-20240426-en
General
Target: 06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
Size: 6.9MB
MD5: 06184e38e8afc00baaefd94bffe24c00
SHA1: 75e9af0a61de28e3ce6c1a0964f81f6324b134d2
SHA256: af30d0d3235fed1679dbd396a9e3fa2315f7746569ce7a2cdf93637eda752611
SHA512: 3e9a229e90b05e4e06889de196173afe824a2beb0c59cb3ecbc864bfa8cf89cd9fb5701a20d49ce4e2968cd47d85d59f954cae4fb3422c7e4007a1168fb71dfe
SSDEEP: 98304:JhSo0Mfow7A1h9eT393YigJhH0yzt7GTu/NWPdHdda9D4oRVB0rdB4:JhSjGA1HeT39Iigft7ec0/aFFrur
Malware Config
Signatures
Detects Pyinstaller 1 IoCs
Processes:
resource yara_rule sample pyinstaller -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe
Files
06184e38e8afc00baaefd94bffe24c00_NeikiAnalytics.exe.exe windows:5 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
test.pyc