init_controls_
Behavioral task
behavioral1
Sample
8be2e0248c6d9d5bed6203bf66702ea2a23988a569f38b578ffcf3a39a364a97_NeikiAnalytics.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
8be2e0248c6d9d5bed6203bf66702ea2a23988a569f38b578ffcf3a39a364a97_NeikiAnalytics.dll
Resource
win10v2004-20240508-en
General
-
Target
8be2e0248c6d9d5bed6203bf66702ea2a23988a569f38b578ffcf3a39a364a97_NeikiAnalytics.exe
-
Size
125KB
-
MD5
049d3979c49c79edfe83fd999a19f660
-
SHA1
ed9f784938d77478aac404c13a1b81dccc7686ab
-
SHA256
8be2e0248c6d9d5bed6203bf66702ea2a23988a569f38b578ffcf3a39a364a97
-
SHA512
dfd90d1f4187cf4b8d0a5f618c8b64e5febcdbc2933cc1c1c2d0e5094f160a1ad4630c00e86a58a663b1a2619703e3905e104b11f5bbbbef83237cacdcdbb9de
-
SSDEEP
3072:kjYpYuqoTiqnxLO71vPmYJDsyR8SJXREP3iwpoutE:kjYpYjqdYwsDsP4U3noSE
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
resource yara_rule sample acprotect -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8be2e0248c6d9d5bed6203bf66702ea2a23988a569f38b578ffcf3a39a364a97_NeikiAnalytics.exe
Files
-
8be2e0248c6d9d5bed6203bf66702ea2a23988a569f38b578ffcf3a39a364a97_NeikiAnalytics.exe.dll windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
Sections
UPX0 Size: - Virtual size: 1.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 122KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE