Behavioral task
behavioral1
Sample
aa3f00cacef4508f35a484eca7736f30_NeikiAnalytics.exe
Resource
win7-20240508-en
General
-
Target
aa3f00cacef4508f35a484eca7736f30_NeikiAnalytics.exe
-
Size
3.3MB
-
MD5
aa3f00cacef4508f35a484eca7736f30
-
SHA1
785b9ca847274e3d8387aae09a182c5ff20fab20
-
SHA256
8238be8fd2243de6b3f30b9296171d58a5a795719659bcc0f5ff96012c862180
-
SHA512
eb6446177f2c4d0d38a2ce8c1ae4f07b1f6f5f9878aa7b6ee148fcf41ad8d10245bdf610471ef30948c6eee3f2cfeff6f70e698c05328251990996550f5a9fbf
-
SSDEEP
98304:w0GnJMOWPClFdx6e0EALKWVTffZiPAcRq6jHjc40T:wFWPClFkT
Malware Config
Signatures
-
XMRig Miner payload 1 IoCs
Processes:
resource yara_rule sample xmrig -
Xmrig family
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource aa3f00cacef4508f35a484eca7736f30_NeikiAnalytics.exe
Files
-
aa3f00cacef4508f35a484eca7736f30_NeikiAnalytics.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 1.3MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 525KB - Virtual size: 528KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE