25c8b706f8ce7d08d25361dba127c540_NeikiAnalytics[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25c8b706f8ce7d08d25361dba127c540_NeikiAnalytics.exe
Size

916KB
MD5

25c8b706f8ce7d08d25361dba127c540
SHA1

1a7822090d3950ca780b06d5d34a3ba368edcf51
SHA256

1d0de1fd850b453bc27057ffb9f67e8d140204ec828d25db8a2c18bb2acc96bb
SHA512

d5aba153b4c5f0a8bcaef575416af3d49f6d857c974d18f08075068679e4cec0117b2c413472573bdde552c0828e3c23deb0a2994592a2bc51268934a637a23f
SSDEEP

6144:xZHcIX9SSgMW+IFZMbQrkodzb4XsIUYd:xdcIX0vFZJetd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25c8b706f8ce7d08d25361dba127c540_NeikiAnalytics.exe

Files

25c8b706f8ce7d08d25361dba127c540_NeikiAnalytics.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE