96f7270c27a39ae22fea6b00387cc177d6efebf8cc1c0974f8d781358e7bf5e4

Analysis

max time kernel
133s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
08/05/2024, 23:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
Size

32KB
MD5

9266a7aa0f2cac8b003909244f42d360
SHA1

c98128d43979bf02096b4121b72c241aa903f25b
SHA256

96f7270c27a39ae22fea6b00387cc177d6efebf8cc1c0974f8d781358e7bf5e4
SHA512

6783a4855f31b05cb4f212a83f43d51e212acbb25ca847776cc55197c1d7307e41cfba77fb10aae5a97675d1bf323395651da38f4f665416a4c22ace1680c180
SSDEEP

768:W7BlpDpARFbhYQkQjjPBDB+L+o2IOiJvfo2IOiJvUa7:W7ZDpApYbWjPhoLwSk

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (335) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\da.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipBand.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoCanary.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\Lang\mng2.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\Lang\tg.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msaddsr.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_SelectionSubpicture.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_elf.dll.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_wer.dll.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaremr.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\Lang\io.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\AssertTest.mp2.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\Lang\sk.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaprsr.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IPSEventLogMsg.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.htm.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\System\ado\msadomd28.tlb.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\7zFM.exe.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IPSEventLogMsg.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-overlay.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\play-background.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskmenu.xml.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\VISFILT.DLL.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\audiodepthconverter.ax.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\icudtl.dat.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ja.pak.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipBand.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sw.pak.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipRes.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\IpsMigrationPlugin.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-over-select.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tabskb.dll.mui.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
File created	C:\Program Files\7-Zip\History.txt.tmp	9266a7aa0f2cac8b003909244f42d360_NEIKI.exe

C:\Users\Admin\AppData\Local\Temp\9266a7aa0f2cac8b003909244f42d360_NEIKI.exe
"C:\Users\Admin\AppData\Local\Temp\9266a7aa0f2cac8b003909244f42d360_NEIKI.exe"
1⤵
- Drops file in Program Files directory
PID:2896

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
33KB

MD5
afd34776cfb2a4f8ec6abc2af3f962a7

SHA1
65bfd65e12ef7e3c0dd24d64b54fcdc97d7b1918

SHA256
ffc3d15dff45a0ba3decda7c2b7848dc5c5a6ecde2ce8975c53fcad9959e83e0

SHA512
319fffca9bd38f5a0dbc559142f77499569b6f6e6c9feb887f8b1b7f00a9ecb5ee9a1ba028f0750db634c3e108883b74a2369db0aa14d01b6f56691c6dd9ecdb

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
41KB

MD5
74045872b1655227de3fb9a292fa5175

SHA1
98b853d9afad45e2a4f45b7d757370c26da109c5

SHA256
8543a581b010b11892142b6aaa88fb15c33f05009bd398c67ece3a84f27d963b

SHA512
ea13f85bae2dec0f0a6e0bdb52230016fe9a13e98726a8550d86aca91f52a40878929b03dfe9bfe01c73b884a11d47847211f1d4761dd421799afe7269416d1b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads