Behavioral task
behavioral1
Sample
222c56746d1f14be2f1346c3830e884ef2cef273b3ca30b3fce1d90a2b743a92_NeikiAnalytics.exe
Resource
win7-20240508-en
General
-
Target
222c56746d1f14be2f1346c3830e884ef2cef273b3ca30b3fce1d90a2b743a92_NeikiAnalytics.exe
-
Size
3.2MB
-
MD5
c2cbd2798ef5acd702b577f2576ed060
-
SHA1
9d7d4d90feb8bf94d9dc427d014c05104f9d2636
-
SHA256
222c56746d1f14be2f1346c3830e884ef2cef273b3ca30b3fce1d90a2b743a92
-
SHA512
e1c3b92b8f838e4f314c51b64fd2d675d30fa4426d9db9d734bea60657b3a0cc02019e316c8286f24a3b55d2208ede8feae69c51a0e8c482b566e278e3f41d9a
-
SSDEEP
49152:JeuSg2T/EoaN+jilNWh8wcepVXF7O36j+yY9/4kUaAPsFVttNb+6r9Hg0hh/RW5/:0g2T/d88UI173j09/3EK+Y9Hg07R0
Malware Config
Signatures
-
Processes:
resource yara_rule sample themida -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 222c56746d1f14be2f1346c3830e884ef2cef273b3ca30b3fce1d90a2b743a92_NeikiAnalytics.exe
Files
-
222c56746d1f14be2f1346c3830e884ef2cef273b3ca30b3fce1d90a2b743a92_NeikiAnalytics.exe.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 49KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 42KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 15B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.imports Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 5.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ