c77196535d4d19c11188407fb58ed8b191d661d6398f7b1ae0e3f1240261ddc9

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
09/05/2024, 17:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
Size

84KB
MD5

9be94ff06e494ac675a050542c9396f0
SHA1

db1c305192979786bad209f84fd12748f417f4d1
SHA256

c77196535d4d19c11188407fb58ed8b191d661d6398f7b1ae0e3f1240261ddc9
SHA512

6ef13bf0a04a5e575e43b85cd2308a93648d7b97a377988a8126fa0e4b7489dad9b6ba8685813594875bedbd022f3919b7742e44a6934f0b816a4537354a452b
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKGfFpsJOfFpsJB1QgqeBgqeU:69WpQE0zhfFpsJOfFpsJwgqeBgqeU

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3450) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_ja_4.4.0.v20140623020002.jar.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.SF.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_down.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\weather.html.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\is.txt.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Boise.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\localizedSettings.css.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher_1.3.0.v20140415-2008.jar.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kabul.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\Accessories\es-ES\wordpad.exe.mui.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\flyout.html.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+3.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\NOTICE.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_228ef1_256x240.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libgl_plugin.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\wabimp.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\WMPSideShowGadget.exe.mui.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqloledb.rll.mui.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\META-INF\MANIFEST.MF.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libedummy_plugin.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\it-IT\PhotoAcq.dll.mui.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Christmas.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\search_background.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nb.txt.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadds.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\El_Salvador.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\SecretST.TTF.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\EST5EDT.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libttml_plugin.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\Accessories\WordpadFilter.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\file_obj.gif.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder_5.5.0.165303.jar.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\meta\art\00_musicbrainz.luac.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\eo\LC_MESSAGES\vlc.mo.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\clock.css.tmp	9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\9be94ff06e494ac675a050542c9396f0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2176

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-268080393-3149932598-1824759070-1000\desktop.ini.tmp

Filesize
85KB

MD5
8527633906703fe4ba41fcf9cf82bdeb

SHA1
105db3ec338dd2ad5e6cc7dffd1fa006984803d3

SHA256
533904d24b08a1c38f84171e886b11607d0b77456d813c5e2bbbad36a46c7ec9

SHA512
7f9f3874714119426fdd643b22e4b42e7d86b5563cd4ef3f38f64681004e99892f807bfbbbcb381203bb30a541d9b589548b5dc187504a578ce231e325ba5ef2

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
94KB

MD5
1c42cc001e8a5f944d7f40e6d8b70086

SHA1
80e188f114492298c6eecd73f7b4ace9f8856299

SHA256
a76ea843934ea940480bf2a4ff0672e6cfbe93f8053b26afcda7217e72a15803

SHA512
620bad1e60213b41d420fdd2836915dd47c95d9be5771e3d35f752d1ff6f5ca256f92ad01eb221f24395f9920bb5d0bb36c43e9afc86c4527c8b1bc8d3446dc0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads