General
-
Target
eee75d97cf90a2c8c565545530bf1860_NeikiAnalytics.exe
-
Size
250KB
-
MD5
eee75d97cf90a2c8c565545530bf1860
-
SHA1
5398c3c6b7f3a68101918a5678aac3152398aecf
-
SHA256
1f595c562e73ad2448a789ec7833530c1acea65c94314d412ff0d15b2a482740
-
SHA512
b1ad801dc65e2e90cf5619c76c045abeaaabf2dafe6e505153f5c8004f27028d915a3894a4dd0c64d5e0c37b02e16843e646eeaf0a2ca25118b1ded575284262
-
SSDEEP
3072:8r85CR7gKNkhSC+t+MMCTs0kH+Bkx6uyXnZeiB+N6LpCcu51lviIzdXfEqMlchJU:09R7gKNkhSR/5kHouyXnZhB+h8WH2
Score
10/10
Malware Config
Signatures
-
Detect Neshta payload 1 IoCs
resource yara_rule sample family_neshta -
Neshta family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource eee75d97cf90a2c8c565545530bf1860_NeikiAnalytics.exe
Files
-
eee75d97cf90a2c8c565545530bf1860_NeikiAnalytics.exe.sys windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 64B - Virtual size: 5B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ