Malware Analysis Report

2025-08-05 15:50

Sample ID 240529-lg25esah45
Target 4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe
SHA256 d0ebc79570bf567174f435f3ba06bbea3f6fb382bc8b32ca8659836837ea9c87
Tags
score
3/10

Analysis Overview

score
3/10

SHA256

d0ebc79570bf567174f435f3ba06bbea3f6fb382bc8b32ca8659836837ea9c87

Threat Level: Likely benign

The file 4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe was found to be: Likely benign.

Malicious Activity Summary


Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-05-29 09:31

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-29 09:31

Reported

2024-05-29 09:33

Platform

win7-20240419-en

Max time kernel

118s

Max time network

123s

Command Line

"C:\Users\Admin\AppData\Local\Temp\4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe"

Network

N/A

Files

C:\My Downloads\Hacking Tool Collection Patch.exe

MD5 f5ac8a37a313fce9a3a2318c9cdd2a05
SHA1 e9f69c45e59a205ae4c1e520606286b0095c1af6
SHA256 e6b466264b22279db1fbdfc4e12d879f102bb8df3fe2dcfa6bb2620b29f4b8f0
SHA512 ac9dd334c8cf698c6883a5a9b38787c541536caee5ab3481df8229b7d536f52df9a3b7c9bf69ee6d0392b6fa02263b2c662d2d6d0266638326ad9055c8532486

memory/2392-100-0x0000000000400000-0x0000000000417000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-29 09:31

Reported

2024-05-29 09:33

Platform

win10v2004-20240508-en

Max time kernel

149s

Max time network

157s

Command Line

"C:\Users\Admin\AppData\Local\Temp\4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\4f413f8c5aabc87fd4ca4a197decc9e0_NeikiAnalytics.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 28.118.140.52.in-addr.arpa udp
US 8.8.8.8:53 5.181.190.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 52.111.229.43:443 tcp
US 8.8.8.8:53 19.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 122.10.44.20.in-addr.arpa udp

Files

C:\My Downloads\GTA 3 Full Downloader.exe

MD5 d09a30128450c131de5d5d9571a58b72
SHA1 04c97679815cfa5f54c892b2f6226e07c01d3b28
SHA256 c81f822ef3765e5e87b22f29941bbff655dd890e06bf1b6a7d6dca4f02cc1ad2
SHA512 5647306699aa05068a1ad36447a6e08ce695eec7596583410ff132d2ca8695d7545b2e7f45a07fad5e749e0dd1dd718979c7abbf85b19717360f50e8431b7f79

memory/544-100-0x0000000000400000-0x0000000000417000-memory.dmp