Malware Analysis Report

2025-04-14 02:22

Sample ID 240603-mpawkscg82
Target a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe
SHA256 780cb45c168c72508a4745c32e2e5c5083ab094f26411e3af52f26e3a3209fac
Tags: upx
Score: 7/10

Analysis Overview

score
7/10

SHA256

780cb45c168c72508a4745c32e2e5c5083ab094f26411e3af52f26e3a3209fac

Threat Level: Shows suspicious behavior

The file a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe was found to show suspicious behavior.

Malicious Activity Summary

upx

UPX packed file

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-03 10:37

Signatures

UPX packed file

upx

Unsigned PE


Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 10:37

Reported

2024-06-03 10:40

Platform

win7-20240508-en

Max time kernel

119s

Max time network

120s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe"

Signatures

UPX packed file

upx

Processes

C:\Users\Admin\AppData\Local\Temp\a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe"

Network

N/A

Files

memory/1964-0-0x0000000000400000-0x000000000041A000-memory.dmp

C:\My Downloads\Need For Speed 5 Porsche Unleashed Crack.exe

MD5 40f8871778e221fb2bb21b6bbb190679
SHA1 56bbd9b2beb40f11b540ecc9fda7274eecba7ba3
SHA256 1079115bca43ed16e32809ceb6fab1d34326011bc17e419492bb4672c197b615
SHA512 6c33c979e9e1edf66bd10d47c511dffffc6f34789edca315aea92b132a35a7c38fc7c9f4a1404ac511d83379f3eabc0aaef29ecc7acd457f50e3f3de60cda918

memory/1964-102-0x0000000000400000-0x000000000041A000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-03 10:37

Reported

2024-06-03 10:40

Platform

win10v2004-20240426-en

Max time kernel

92s

Max time network

95s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe"

Signatures

UPX packed file

upx

Processes

C:\Users\Admin\AppData\Local\Temp\a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\a054c0d3473c44faf1b5eb2aa0693550_NeikiAnalytics.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 82.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 228.249.119.40.in-addr.arpa udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp

Files

memory/3000-0-0x0000000000400000-0x000000000041A000-memory.dmp

C:\My Downloads\Quake 4 BETA Full Downloader.exe

MD5 724edad3ae9ddfcab766833456966a74
SHA1 ac914e0e08fb3d3f304e216bc851360eb0de4db2
SHA256 cf1d185395248450e718e2d1b252bf65613dec58ce48f1111828de5864daf375
SHA512 d59340f311f4e1a5aaf0116bb585d4624d756b551c8f2a2a8f960c1e047114e5d50994135199f0cbfdedd28649ae329f802dd740010458bc9c99d7457c14e6c0

memory/3000-101-0x0000000000400000-0x000000000041A000-memory.dmp