3af8a722f01389428ede2b80272be313e76b7368ff27e07e819ec07ef1e78b0b_NeikiAnalytics[.]exe

General

Target

3af8a722f01389428ede2b80272be313e76b7368ff27e07e819ec07ef1e78b0b_NeikiAnalytics.exe
Size

4.5MB
MD5

08696e3a8dfdeb17567da1b380315980
SHA1

095c58f9666a59deaafd489dd9ee42e416dc4d49
SHA256

3af8a722f01389428ede2b80272be313e76b7368ff27e07e819ec07ef1e78b0b
SHA512

abb11e86924bba691f24d8eee2e780e1fa3a1d06e340c88ba39ec6a799a387e16ee9698dffc3bb56e499dc1b19f2877711163ecbfa7bd4495aa9e6141e96aa62
SSDEEP

49152:zyXURC1OU0ASwKPzMaFvfGpVAKU+T2CNUiv+lM5y4dcivGlc5yYv8dve:uqCcASB7vlna2CNUijdciFKG

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3af8a722f01389428ede2b80272be313e76b7368ff27e07e819ec07ef1e78b0b_NeikiAnalytics.exe
unpack001/out.upx

Files

3af8a722f01389428ede2b80272be313e76b7368ff27e07e819ec07ef1e78b0b_NeikiAnalytics.exe
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ASEX_Model_String
ASEX_block_count
ASEX_boot_block_version
ASEX_caller_id
ASEX_check_bios_image
ASEX_customer
ASEX_date
ASEX_flash_size
ASEX_get_bios_image
ASEX_hardware_compatible_version
ASEX_logo
ASEX_major_version
ASEX_mb
ASEX_message
ASEX_minor_version
ASEX_product
ASEX_systemflag
ASEX_update_bios_firmware

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 506B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 24KB

UPX1 Size: 4KB - Virtual size: 4KB

UPX2 Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 760B

.reloc Size: 512B - Virtual size: 506B

UPX0
Size: - Virtual size: 24KB

UPX1
Size: 4KB - Virtual size: 4KB

UPX2
Size: 1024B - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 760B

.reloc
Size: 512B - Virtual size: 506B