9dc7bbef3a25aba83f3d701ffa222f808d333534e997f1f132f40a3c73645d06

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
09/05/2024, 18:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
Size

86KB
MD5

b5adf01eb24141dc88df33590bc34b60
SHA1

f1f3fc2f92a793ab1cea610b4336b5f8e90ab9b5
SHA256

9dc7bbef3a25aba83f3d701ffa222f808d333534e997f1f132f40a3c73645d06
SHA512

5b5c135cd2596e6c297815192d96c267663463689e8cd5164c9a409b83e987c4f69d8d1c64b045ea47194693134a22ad059d91846550f2334565aec1653b46b8
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPNo:6rWpcOPxPke+e3fFpsJOfFpsJbgE+

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3433) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\InitializeCompress.jpeg.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\ja-JP\jnwdui.dll.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\fr-FR\Hearts.exe.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\fr-FR\js\calendar.js.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\ja-JP\css\calendar.css.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST7MDT.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\MemoryAnalyzer.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Campo_Grande.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\META-INF\MANIFEST.MF.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\wmpnscfg.exe.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\row_over.png.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Funafuti.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\UIAutomationProvider.resources.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mraut.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jawt.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\calendar.html.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\js\init.js.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\fontmanager.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\javaw.exe.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Solitaire\ja-JP\Solitaire.exe.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\PresentationFramework.resources.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg_sml.png.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_zh_CN.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Nome.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Brussels.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Hovd.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\it-IT\JNTFiltr.dll.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkWatson.exe.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.bat.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240811.profile.gz.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqlxmlx.rll.mui.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_ja.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\net.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Glace_Bay.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-tabcontrol.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\mozglue.dll.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter.tmp	b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\b5adf01eb24141dc88df33590bc34b60_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2084

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3452737119-3959686427-228443150-1000\desktop.ini.tmp

Filesize
87KB

MD5
d1a604bd9b33204237b3d94984370680

SHA1
68ee7c0569601387cd48f4f64f6ad767929c4cf1

SHA256
f6ad4c877875fd66ba83ce2142d9f01584e7a1ee6c42b8532a2e9fdaac1f4c9e

SHA512
5771756b476fa05b21d0c40af141779b4653f0e72d6070d962b12670eed6c7a210929642ea463c5adc12412e0fb4be296f8a8f3cfa67d7fe0b457fb4a098145d

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
95KB

MD5
8233f70d35906ca2cac639131237bc72

SHA1
e7ee0cfa7489f8e4188c86d59ecfce0b299c2c26

SHA256
d8bea158ad5c5c8e9a2ccd2188cfb2d2578a76d0cc3f539558cee7901be2bc73

SHA512
895a1f90ad4abced1bbb28dae261eb4f5a0894efde81deb372012bb0d7063a569163d956de90f066641390d5dd7aa5b1ed0b92ed0ecffdcce4ac2c1cf0b88e09

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads