0dcdec980c02cd4a2ec65964fa54d93d217baeaffb0315d45b7a1419e6aa8700

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
17/05/2024, 19:31

Target

21323c6bb8f21c3dd6769756319bd650_NeikiAnalytics.exe
Size

29KB
MD5

21323c6bb8f21c3dd6769756319bd650
SHA1

be2544a590ef4d6bfbd4c7c82f97b01e9e1b4686
SHA256

0dcdec980c02cd4a2ec65964fa54d93d217baeaffb0315d45b7a1419e6aa8700
SHA512

a4e806fd2492680072f036b2b4fe6b493af8647be45c97e1cb083d5f6b6a38cbd95febf6a60fe4b95cbbfb400f4e630ec22c640ee4713a84ae372a095fd3a8aa
SSDEEP

768:ITRfpN0pOy3OzeXmOGXbJOlB2vsLCik5dAy7b6lSj:IHzzeWHXbJGB2EOik5h36l0

Score

7^/10

upx

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
behavioral2/memory/4840-0-0x0000000000400000-0x000000000041A000-memory.dmp	upx
behavioral2/files/0x000a0000000233a5-5.dat	upx
behavioral2/memory/4840-101-0x0000000000400000-0x000000000041A000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\21323c6bb8f21c3dd6769756319bd650_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\21323c6bb8f21c3dd6769756319bd650_NeikiAnalytics.exe"
1⤵
PID:4840

C:\My Downloads\Combat Flight Simulator 3 ISO - Full Downloader.exe

Filesize
29KB

MD5
4e79b7fa83b9c880b93816f1dd47d8ff

SHA1
e04fac919d79bde988062c9b8c3c5703e8faab6b

SHA256
05cf297e331916a5800e0f0248cf45fd7abca7ea4ec0585205e1a44b1182e2d5

SHA512
e167f0e3ed406511de906a14160c616432e402fdb6eb70bd71a81a9e37c68bbeeb5cc4028fde4055b855c6c1e8e99f3f49e4ea03e6382f948ed0a35c2c0499f8

Download Submit
memory/4840-0-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download
memory/4840-101-0x0000000000400000-0x000000000041A000-memory.dmp

Filesize
104KB

Download