Malware Analysis Report

2024-10-10 12:49

Sample ID 240613-17et5swekl
Target 8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe
SHA256 6f93a66ace9f5de2f13da3c4d2c3675d556a66552bfae64db1039d8e1644acf0
Tags
upx
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

6f93a66ace9f5de2f13da3c4d2c3675d556a66552bfae64db1039d8e1644acf0

Threat Level: Shows suspicious behavior

The file 8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe was found to be: Shows suspicious behavior.

Malicious Activity Summary

upx

UPX packed file

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 22:17

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 22:17

Reported

2024-06-13 22:19

Platform

win7-20240611-en

Max time kernel

119s

Max time network

123s

Command Line

"C:\Users\Admin\AppData\Local\Temp\8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe"

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Processes

C:\Users\Admin\AppData\Local\Temp\8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe"

Network

N/A

Files

memory/2996-0-0x0000000000400000-0x000000000041A000-memory.dmp

C:\My Downloads\Aliens versus Predator 2 Primal Hunt Key Generator.exe

MD5 c7b9dbf8172abd4c117c7acef02ca23b
SHA1 2d3e1ad94a3da525903165e9338f45811b447a9f
SHA256 1367f80dc40e7dbf6b070907cba9032d225bb67f128688188e82d08d5114eda2
SHA512 4289d8cc908bdb49232c5b79412886b9cc8152ea8005bded9d98fccf1d4b1175ca8ed08f3bdb8199ff1ed2c045bfda5472a4cf1e4d25fbed4e997d30b6225065

memory/2996-101-0x0000000000400000-0x000000000041A000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 22:17

Reported

2024-06-13 22:19

Platform

win10v2004-20240611-en

Max time kernel

93s

Max time network

97s

Command Line

"C:\Users\Admin\AppData\Local\Temp\8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe"

Signatures

UPX packed file

upx
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Processes

C:\Users\Admin\AppData\Local\Temp\8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe

"C:\Users\Admin\AppData\Local\Temp\8b719d6491aeb2dc49891067858b19e0_NeikiAnalytics.exe"

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 67.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 88.251.17.2.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 32.251.17.2.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 31.243.111.52.in-addr.arpa udp

Files

memory/3560-0-0x0000000000400000-0x000000000041A000-memory.dmp

C:\My Downloads\F1 Grand Pix 4 Patch.exe

MD5 40ccc9c10cc7a47cdb52205c5e7bece1
SHA1 d60007935d89c90cc2d91a63fedccbf475d62832
SHA256 77c007a3869681381a0f6ffef1d3073fee04a574ed7d7a6c31b6c62bb55adaf6
SHA512 cd6ddcd8463b1afacfb014ecce181bcb1e31f6687f579e70676745d59082923acfe8577ce503483b169483534e71b80a41fc49390bf16697b4d5f0b6f2dbdf6f

memory/3560-101-0x0000000000400000-0x000000000041A000-memory.dmp