xmrig | 47f12ab044a97045457d2d71d1f0e460_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

47f12ab044a97045457d2d71d1f0e460_NeikiAnalytics.exe
Size

2.2MB
MD5

47f12ab044a97045457d2d71d1f0e460
SHA1

ce5557f6a0a34ed3a24e5ec15ed54baeb432cd10
SHA256

d55c06495ff7ca637c7ee65f04871dc6b4b1d7a37e15dac0e540ff4ba7532a29
SHA512

d56a9e961e80083c6be31c62e31a4e1c7712f87d82f7d074e215380aa430b0423d23e1ca56d1e67e9fec3d91bf3f39cbd0aab9c74e50c6554217b19ad53d89bc
SSDEEP

49152:BezaTF8FcNkNdfE0pZ9ozt4wIlUNFMgxc2uhCUy8+g7:BemTLkNdfE0pZrX

Score

10^/10

miner upx xmrig

Malware Config

Signatures

XMRig Miner payload 1 IoCs

resource	yara_rule
sample	xmrig

Xmrig family
xmrig

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47f12ab044a97045457d2d71d1f0e460_NeikiAnalytics.exe

Files

47f12ab044a97045457d2d71d1f0e460_NeikiAnalytics.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 724KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE