Malware Analysis Report

2025-08-05 09:41

Sample ID 240611-bpj9gaygpk
Target 2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe
SHA256 388dc7318a36080354e73497ed78ebaa3f5ca27f2c25f229f1c240680a11316e
Tags upx
Score 7/10

Analysis Overview

Threat Level: Shows suspicious behavior

The file 2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

upx

UPX packed file

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-11 01:19

Signatures

UPX packed file

upx

Unsigned PE


Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 01:19

Reported

2024-06-11 01:21

Platform

win7-20240508-en

Max time kernel

121s

Max time network

125s

Command Line

"C:\Users\Admin\AppData\Local\Temp\2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe"

Signatures

UPX packed file

upx

Processes

C:\Users\Admin\AppData\Local\Temp\2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe"

Network

N/A

Files

memory/2068-0-0x0000000000400000-0x000000000041B000-memory.dmp

C:\My Downloads\Age of Sail 2 ISO - Full Downloader.exe

MD5 aa4307056b78a0ac9018632c42031ac6
SHA1 23beb5b7f5e77f1aef5ddbf844b25d152d6b1871
SHA256 de1ed77c46a50cee2b493afcda3403727122673673de007e22f03d46429b1d5f
SHA512 1a64cd42e89922a3cb36fd44717b160a15ffa4ac877033e42ada747313379b7668a3ef6bfe7b484ee828a2f1e50376a96d8ead588121a22cfd6fdc46990dc737

memory/2068-101-0x0000000000400000-0x000000000041B000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-11 01:19

Reported

2024-06-11 01:21

Platform

win10v2004-20240426-en

Max time kernel

93s

Max time network

95s

Command Line

"C:\Users\Admin\AppData\Local\Temp\2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe"

Signatures

UPX packed file

upx

Processes

C:\Users\Admin\AppData\Local\Temp\2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\2268c697b3bcb000456724648bceea30_NeikiAnalytics.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp

Files

memory/4316-0-0x0000000000400000-0x000000000041B000-memory.dmp

C:\My Downloads\Warcraft 3 ONLINE ISO - Full Downloader.exe

MD5 da0fe27dfb1e03a24ca2f25190b66a49
SHA1 866300c54e1963a9e69be71d671392e8ec5890d5
SHA256 0d5989bb43a57caa51c2d72fa546ff6f1dcda15a9bbceb2affebcf75f75e0bc2
SHA512 1a3443b0a4247d0320621e10ef6c36d96dfcbf7050d51f46f1933666b0c0c96df58abafb10125cb8d91d16f360cf7bcc0589b58f7b338b279ffea4c654db6744

memory/4316-101-0x0000000000400000-0x000000000041B000-memory.dmp