8e41324a98f6d51470106a3773a8c3ff63e44a1a5fa511d29edb20d1783cfca0

Analysis

max time kernel
36s
max time network
127s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
09-05-2024 18:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
Size

588KB
MD5

cb3dd89fa9751328c91f755063219ab0
SHA1

6ec48a1925f28f8714fcaecdf147285e47379fda
SHA256

8e41324a98f6d51470106a3773a8c3ff63e44a1a5fa511d29edb20d1783cfca0
SHA512

451cd287c6392248288aa063652be62c4b05222e40c2b89b32b6011f23c05b965252e4b1c2e722153f3b25a70c3d85d4d5e7e1459345fde900a931aefdf804d0
SSDEEP

12288:sPKLXqCKLZQ/+9NV5JXlRL3rxYtlR1UTu2ST61tjCtwMK5JVU:sSLelDNtld7xYDRl2STSCtw5JVU

Score

7^/10

persistence spyware stealer upx

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2908-0-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/files/0x0007000000016dde-5.dat	upx
behavioral1/memory/2492-57-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2908-56-0x0000000004C60000-0x0000000004C7C000-memory.dmp	upx
behavioral1/memory/1956-89-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2908-90-0x0000000004C60000-0x0000000004C7C000-memory.dmp	upx
behavioral1/memory/2768-91-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1676-95-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2840-93-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2908-96-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2908-97-0x0000000004C60000-0x0000000004C7C000-memory.dmp	upx
behavioral1/memory/2200-98-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2492-99-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1956-102-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2768-106-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/572-105-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2908-103-0x0000000004C60000-0x0000000004C7C000-memory.dmp	upx
behavioral1/memory/1212-110-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/672-112-0x0000000004580000-0x000000000459C000-memory.dmp	upx
behavioral1/memory/2776-111-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2200-113-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2440-114-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/572-116-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2036-117-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1212-119-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2360-120-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/672-122-0x0000000004580000-0x000000000459C000-memory.dmp	upx
behavioral1/memory/2252-124-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2224-125-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1924-127-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2036-126-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1996-128-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2360-130-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1368-135-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2224-137-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3012-139-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1996-141-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2240-142-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1368-145-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3012-146-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2136-148-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2808-149-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1692-155-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/760-154-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2808-157-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1784-159-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/844-162-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2352-161-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2896-163-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2852-165-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1044-164-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/760-166-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1784-169-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/844-172-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3200-173-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2352-171-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2896-174-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3464-175-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3504-176-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3428-177-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3776-178-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3860-180-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3776-183-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3792-186-0x0000000000400000-0x000000000041C000-memory.dmp	upx

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\E:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\O:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\P:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\S:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\R:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\W:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\A:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\B:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\I:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\J:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\N:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\G:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\K:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\V:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\X:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\H:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\L:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\M:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\T:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File opened (read-only)	\??\U:	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\config\systemprofile\asian animal licking .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\animal voyeur glans sweet .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\porn catfight boobs .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\italian beastiality hardcore hidden hole upskirt (Gina,Karin).rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\xxx beast uncut boobs upskirt .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\black blowjob hot (!) .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\french blowjob action hidden latex .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\american sperm sleeping .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\german gang bang blowjob [bangbus] .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\gang bang action [free] high heels .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\fetish nude licking vagina .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\nude beastiality masturbation redhair .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\xxx hidden ejaculation .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\malaysia gay animal full movie legs traffic .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\gang bang voyeur (Jade,Curtney).rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\hardcore handjob girls redhair .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\african beast [milf] .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\porn [milf] nipples fishy .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\fetish [milf] cock .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\chinese blowjob [bangbus] .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\danish beastiality horse several models 40+ .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\german blowjob [free] nipples .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\beastiality cum [milf] ash (Sandy,Britney).zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\indian handjob beast [free] swallow (Ashley,Anniston).avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\nude masturbation hole .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_it-it_18a6fde3093acac7\animal xxx licking black hairunshaved .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\wow64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_6b16fa9f975e1109\chinese horse horse hidden legs hotel (Melissa).mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\black beastiality sleeping 40+ .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\brasilian nude sleeping 40+ .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\malaysia beastiality [bangbus] ¼ç (Christine,Sylvia).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_dba3691c6002e10e\american hardcore hot (!) gorgeoushorny (Samantha).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_0ac4ebfc358e5ec0\norwegian sperm masturbation shower (Jade).rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.1.7600.16385_none_2958d4a31d2ec64f\german hardcore horse licking high heels (Samantha).rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\french lesbian masturbation (Karin,Melissa).rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b4aea777fe683838\fetish hot (!) .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_60a2cbbf935c42b4\german porn fetish uncut cock .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_963e6ae24c653bfe\fucking sperm big (Anniston).avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_b7f38afb92de484f\beastiality gay girls vagina ash .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_1412267f4b3bb985\spanish gay voyeur circumcision (Tatjana).avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-aspnet_installsqlstatetemp_b03f5f7f11d50a3a_6.1.7600.16385_none_16a2bb1dbab1c595\african horse several models boobs black hairunshaved .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_99b74194b7347cab\black hardcore catfight glans wifey .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e30b5ec05031d17d\beast [free] (Samantha,Christine).mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\canadian cumshot several models .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\american trambling big .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_it-it_8d9f242de8497d58\british porn [free] pregnant .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm_31bf3856ad364e35_6.1.7600.16385_none_5499606faffb3f9f\japanese cumshot voyeur bedroom .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\InstallTemp\german fucking fetish masturbation sm .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_4d274741486b900c\porn sleeping glans (Sonja).mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\kicking blowjob girls .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\brasilian lesbian animal masturbation mistress .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_657d9a203abeb154\russian lingerie voyeur .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\kicking big 50+ (Janette,Gina).mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\japanese animal action licking YEâPSè& .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_de-de_5803850b2f40840e\blowjob [free] .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\tyrkish bukkake masturbation ejaculation (Christine,Sylvia).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\russian gay hot (!) shoes (Anniston,Ashley).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p..al-securitytemplate_31bf3856ad364e35_6.1.7600.16385_none_49dd84a06c7c8863\bukkake [free] glans (Gina,Christine).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_97a45841ff925aa0\tyrkish sperm animal sleeping feet boots .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\african horse handjob catfight .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_ddab3bcb3a4ffb45\french beast fetish hot (!) .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\xxx girls Ôë (Curtney).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_00225053e03f4c04\french fucking lingerie big legs .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\japanese action porn sleeping (Kathrin).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\american cumshot lesbian hotel (Melissa).zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_9498b282333b64ec\blowjob cum hot (!) .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp\canadian horse beastiality public nipples .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\black cum beast lesbian hole shoes .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_515dc677700303ec\lesbian full movie leather (Tatjana,Britney).avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\german gang bang action girls .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_bcc167434bb9b3ea\fucking cumshot [bangbus] (Ashley,Karin).zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\action big sweet .mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0af98f1835676d1b\norwegian fetish blowjob hot (!) swallow .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_39c9d74ef2ad6c7b\malaysia lesbian public ash hotel (Sonja).avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\british lesbian nude public stockings (Anniston,Sonja).zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_6.1.7601.17514_none_34400a5790d1d336\japanese beastiality handjob uncut .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_aea650787d30ed8a\swedish kicking voyeur YEâPSè& .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_8bfc34b93f0fdd42\xxx hardcore hidden (Sonja,Sarah).avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\action uncut .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared_31bf3856ad364e35_6.1.7600.16385_none_6377027f0030a06a\lesbian catfight blondie .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\bukkake kicking lesbian penetration .zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfolders-adm_31bf3856ad364e35_6.1.7600.16385_none_af6f98ff87b0e3cc\german bukkake nude big femdom .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\russian fucking girls vagina .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\horse lingerie uncut 50+ .mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_6f0f7833cb71e18d\nude cum [milf] .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_bacc7ceffc55dca2\japanese gay nude hidden (Samantha).mpg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_f0ca3430257ea13f\tyrkish hardcore full movie boobs mature (Melissa).mpeg.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\russian fetish several models young (Ashley,Ashley).zip.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\security\templates\american porn fetish uncut mature .rar.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_3d98a610fed70b75\tyrkish hardcore [milf] ash leather .avi.exe	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2840	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2032	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2200	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2188	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2840	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
672	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
792	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
636	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2152	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1912	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2032	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
572	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2268	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1212	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2188	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2200	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2776	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2252	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2440	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2840	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2036	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
672	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2828	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2828	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2360	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2360	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1004	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1004	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2276	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2276	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2224	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2224	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1924	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1924	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
1996	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2908 wrote to memory of 2492	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	28
PID 2908 wrote to memory of 2492	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	28
PID 2908 wrote to memory of 2492	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	28
PID 2908 wrote to memory of 2492	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	28
PID 2492 wrote to memory of 1956	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	29
PID 2492 wrote to memory of 1956	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	29
PID 2492 wrote to memory of 1956	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	29
PID 2492 wrote to memory of 1956	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	29
PID 2908 wrote to memory of 2768	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	30
PID 2908 wrote to memory of 2768	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	30
PID 2908 wrote to memory of 2768	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	30
PID 2908 wrote to memory of 2768	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	30
PID 1956 wrote to memory of 2840	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	31
PID 1956 wrote to memory of 2840	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	31
PID 1956 wrote to memory of 2840	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	31
PID 1956 wrote to memory of 2840	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	31
PID 2768 wrote to memory of 1676	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	32
PID 2768 wrote to memory of 1676	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	32
PID 2768 wrote to memory of 1676	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	32
PID 2768 wrote to memory of 1676	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	32
PID 2492 wrote to memory of 2032	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	33
PID 2492 wrote to memory of 2032	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	33
PID 2492 wrote to memory of 2032	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	33
PID 2492 wrote to memory of 2032	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	33
PID 2908 wrote to memory of 1284	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	34
PID 2908 wrote to memory of 1284	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	34
PID 2908 wrote to memory of 1284	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	34
PID 2908 wrote to memory of 1284	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	34
PID 2840 wrote to memory of 2200	2840	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	35
PID 2840 wrote to memory of 2200	2840	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	35
PID 2840 wrote to memory of 2200	2840	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	35
PID 2840 wrote to memory of 2200	2840	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	35
PID 1956 wrote to memory of 2188	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	36
PID 1956 wrote to memory of 2188	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	36
PID 1956 wrote to memory of 2188	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	36
PID 1956 wrote to memory of 2188	1956	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	36
PID 1676 wrote to memory of 672	1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	37
PID 1676 wrote to memory of 672	1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	37
PID 1676 wrote to memory of 672	1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	37
PID 1676 wrote to memory of 672	1676	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	37
PID 2032 wrote to memory of 792	2032	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	38
PID 2032 wrote to memory of 792	2032	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	38
PID 2032 wrote to memory of 792	2032	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	38
PID 2032 wrote to memory of 792	2032	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	38
PID 2492 wrote to memory of 636	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	40
PID 2492 wrote to memory of 636	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	40
PID 2492 wrote to memory of 636	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	40
PID 2492 wrote to memory of 636	2492	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	40
PID 2908 wrote to memory of 1912	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	41
PID 2908 wrote to memory of 1912	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	41
PID 2908 wrote to memory of 1912	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	41
PID 2908 wrote to memory of 1912	2908	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	41
PID 1284 wrote to memory of 572	1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	39
PID 1284 wrote to memory of 572	1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	39
PID 1284 wrote to memory of 572	1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	39
PID 1284 wrote to memory of 572	1284	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	39
PID 2768 wrote to memory of 2152	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	42
PID 2768 wrote to memory of 2152	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	42
PID 2768 wrote to memory of 2152	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	42
PID 2768 wrote to memory of 2152	2768	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	42
PID 2188 wrote to memory of 2268	2188	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	44
PID 2188 wrote to memory of 2268	2188	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	44
PID 2188 wrote to memory of 2268	2188	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	44
PID 2188 wrote to memory of 2268	2188	cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe	44

C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2908
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2492
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1956
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2840
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2200
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1212
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:2116
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:3364
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:5396
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        10⤵
        
        PID:13016
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:8388
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:15748
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:4548
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:8756
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        10⤵
        
        PID:4860
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:13068
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:6552
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:13820
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:13232
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:5736
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:13360
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:8404
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:15656
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:4768
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:8764
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:13116
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:6952
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:3080
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:12316
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3012
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:5552
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:16064
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:9224
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:16816
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:4408
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:9820
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:16932
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:7208
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:11288
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3452
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:5860
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:15788
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9204
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:17920
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4976
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9092
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:2524
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:17932
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6360
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13180
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2776
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3064
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:3656
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:6220
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:13172
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:11236
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:11096
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:7792
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14496
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3504
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:5476
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:16312
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9248
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16592
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4344
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9892
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:18256
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7236
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:12860
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:2740
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3708
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:6600
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:13516
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:11804
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5296
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:11072
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7960
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14488
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3568
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5220
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16032
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9376
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:13108
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:17876
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4708
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9812
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16628
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7360
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13208
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2188
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2268
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:1368
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:3352
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:5364
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:13148
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:9024
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:16824
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:4564
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:8364
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:15588
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:6628
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:16000
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:12224
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:5340
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:11328
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:7672
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:15596
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4420
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:8444
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:15812
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6564
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:13524
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:11320
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:2100
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:5948
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:16276
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9068
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:17988
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4988
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9600
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16848
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7116
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13140
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3420
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5616
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:12984
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8348
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16464
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4744
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8780
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16520
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6976
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13484
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13132
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2440
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:2728
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:6488
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:19904
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:12248
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5452
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:12120
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8380
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:2468
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16804
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3576
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5964
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:15720
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9408
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:15684
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4752
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9900
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:18224
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7412
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13052
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:2136
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4124
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7600
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13344
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5836
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16072
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9240
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13264
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3916
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6416
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13352
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:5784
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16048
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:9060
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:17964
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2032
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:792
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1924
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:9804
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:17692
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:7612
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14536
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4296
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:7760
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16512
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6188
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:13496
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9620
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16856
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:1044
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:8372
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:15576
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6960
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16056
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:12240
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3236
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7396
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14180
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:12844
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6132
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16140
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9012
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16832
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2224
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:1784
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4816
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:8928
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16788
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6984
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14524
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:12996
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3896
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7516
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14872
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5408
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16040
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9868
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:18216
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:1692
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4736
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8732
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13392
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7000
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13384
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3512
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7320
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:12284
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:5228
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16268
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:9044
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:17428
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:636
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1996
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3168
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4868
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9908
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:18208
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7812
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13408
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4380
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8428
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16284
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6380
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:2304
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:10696
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:2352
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5068
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9384
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:15940
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7200
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13216
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4224
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7916
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14864
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6160
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14800
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:12128
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2828
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:2580
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4032
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6496
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:19420
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13336
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5904
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16080
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9076
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:19452
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:17948
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3792
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6640
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13828
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:11304
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:5468
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:12976
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:8540
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:19444
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:15604
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:2984
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3320
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7872
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14168
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:5564
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16120
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:9876
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:18248
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:3888
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6700
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13272
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:11280
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:5656
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:13192
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:9032
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:16872
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2768
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1676
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:672
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2252
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:2560
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:3636
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:5980
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        9⤵
        
        PID:16112
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:9608
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:16864
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:4760
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:10868
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:7824
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14148
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3496
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:6108
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:13240
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:8936
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16504
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4164
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:9788
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:16620
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6764
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14280
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13084
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:2240
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3880
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:6788
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        8⤵
        
        PID:13476
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:11796
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5672
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:13008
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8412
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16600
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3584
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5500
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14824
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9392
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:13100
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:17976
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4764
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:12200
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7420
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13400
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2036
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:2700
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3852
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:6812
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:12276
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5596
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:11312
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8236
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14300
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16096
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3664
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6272
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14480
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9836
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:17316
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5180
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:9884
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:17288
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7696
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14880
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:2944
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3816
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7592
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14440
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5792
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16236
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9020
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13256
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3860
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6728
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14332
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13200
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:5636
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:11088
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:8228
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:16888
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2152
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:1964
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3108
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:4956
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:11296
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7784
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13164
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4352
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8396
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16796
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6316
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:18932
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9852
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:17904
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:844
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5004
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:8904
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16292
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6992
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13468
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13156
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4232
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:8180
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13844
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:15780
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6168
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:12364
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:11868
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1004
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:2808
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4148
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6180
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:14192
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13836
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5652
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16024
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9860
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:18240
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3928
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7028
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16088
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:12256
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:5812
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13376
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:9052
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:17940
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:2804
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4508
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:8420
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16228
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6840
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14232
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:13076
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:4068
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6736
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:19176
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:13124
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:6060
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:16016
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:9196
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:17996
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:1284
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:572
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:1536
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:3200
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:5164
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:11044
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7664
        
        C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        7⤵
        
        PID:13712
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14888
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4412
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:7620
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14920
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6368
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:3332
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:11260
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:2852
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4840
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:10892
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:8188
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14140
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4256
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:8172
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:15612
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6344
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:19428
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:11628
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2360
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:2484
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:4004
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:6968
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:13280
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5828
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:16008
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9212
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:12948
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16612
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3784
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:6664
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14156
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:12292
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:5420
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:11176
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:7724
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:15756
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:14912
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:1624
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4472
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7956
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16896
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6676
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:13784
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:12300
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:4044
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6856
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14200
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:13288
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:6068
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:17248
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:9232
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:16880
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1912
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:2088
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:3144
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:5116
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:12208
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7708
      - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        6⤵
        
        PID:14312
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:15352
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4360
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:7752
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:14896
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:6324
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:10884
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:9844
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:18232
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:2896
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4660
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9796
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16188
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:7100
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:2680
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:14324
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:4248
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:7220
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:14904
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:6252
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:15676
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:9920
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:17956
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2276
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:2120
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:4872
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:8868
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16840
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:7048
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:9992
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:12216
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:4184
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:7820
    - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
        5⤵
        
        PID:16104
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:15568
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:6204
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:12084
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:11252
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  PID:760
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:4608
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:8880
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:15492
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:6828
  - - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
      4⤵
      PID:16904
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:11228
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  PID:3344
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:7272
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:13092
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  PID:5192
- - C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
    3⤵
    PID:13248
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  PID:9084
- C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cb3dd89fa9751328c91f755063219ab0_NeikiAnalytics.exe"
  2⤵
  PID:17564

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\fetish [milf] cock .mpg.exe

Filesize
1.4MB

MD5
5b77c7d6d8a77e89d47453895fe70fae

SHA1
cd989858ea5043535814745c036cd528482fe47a

SHA256
74b7e78a487f8e7b794b3db4bdfdfe5866461505dd0450501dba73d583822040

SHA512
c5b1af2064d3271bab6cdbf2766513eb775ff1bc338fdcac6477a6a0c4f75a266987f0216b7c98e72e6e55afb39451c7e736ba4127c399764da6931593cef34d

Download Submit
C:\debug.txt

Filesize
183B

MD5
5fda672a6523a8e2ab796c32cc341200

SHA1
b2c2bd69aed6bad1a66938d15e767fd7dd10e2c3

SHA256
1fce331c54a17479c6f80c7d2e7097f1a2b76043a14b78384de5a73a09b7e21a

SHA512
02ffb4ac40b68b9aa48f3a05d6324143d58bde63bbf8f722ec4d1ac0f578a9a584012c52feaab268206aa6c6c76ca98e36d8427624c6afeb41626a9c020725f7

Download Submit
memory/572-105-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/572-116-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/636-138-0x0000000004A90000-0x0000000004AAC000-memory.dmp

Filesize
112KB

Download
memory/672-122-0x0000000004580000-0x000000000459C000-memory.dmp

Filesize
112KB

Download
memory/672-112-0x0000000004580000-0x000000000459C000-memory.dmp

Filesize
112KB

Download
memory/760-166-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/760-154-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/792-151-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/844-162-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/844-172-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1004-156-0x0000000004A90000-0x0000000004AAC000-memory.dmp

Filesize
112KB

Download
memory/1044-164-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1212-119-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1212-110-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1284-129-0x0000000004710000-0x000000000472C000-memory.dmp

Filesize
112KB

Download
memory/1368-145-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1368-135-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1676-179-0x0000000004F20000-0x0000000004F3C000-memory.dmp

Filesize
112KB

Download
memory/1676-95-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1676-187-0x0000000004F20000-0x0000000004F3C000-memory.dmp

Filesize
112KB

Download
memory/1676-115-0x0000000004F10000-0x0000000004F2C000-memory.dmp

Filesize
112KB

Download
memory/1692-155-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1784-159-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1784-169-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1924-127-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1956-147-0x0000000004CF0000-0x0000000004D0C000-memory.dmp

Filesize
112KB

Download
memory/1956-102-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1956-92-0x0000000004CD0000-0x0000000004CEC000-memory.dmp

Filesize
112KB

Download
memory/1956-153-0x0000000004CF0000-0x0000000004D0C000-memory.dmp

Filesize
112KB

Download
memory/1956-109-0x0000000004CD0000-0x0000000004CEC000-memory.dmp

Filesize
112KB

Download
memory/1956-89-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1956-100-0x0000000004CE0000-0x0000000004CFC000-memory.dmp

Filesize
112KB

Download
memory/1996-170-0x0000000004A90000-0x0000000004AAC000-memory.dmp

Filesize
112KB

Download
memory/1996-128-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1996-141-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2032-121-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/2032-131-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/2036-117-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2036-143-0x0000000004580000-0x000000000459C000-memory.dmp

Filesize
112KB

Download
memory/2036-126-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2136-148-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2152-140-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/2188-118-0x0000000000740000-0x000000000075C000-memory.dmp

Filesize
112KB

Download
memory/2188-136-0x0000000000740000-0x000000000075C000-memory.dmp

Filesize
112KB

Download
memory/2200-98-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2200-113-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2224-137-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2224-125-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2240-142-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2252-124-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2268-134-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/2268-144-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/2352-171-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2352-161-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2360-120-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2360-130-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2440-114-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2492-88-0x0000000004DD0000-0x0000000004DEC000-memory.dmp

Filesize
112KB

Download
memory/2492-99-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2492-57-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2492-101-0x0000000004DD0000-0x0000000004DEC000-memory.dmp

Filesize
112KB

Download
memory/2492-104-0x0000000004F10000-0x0000000004F2C000-memory.dmp

Filesize
112KB

Download
memory/2768-158-0x0000000005060000-0x000000000507C000-memory.dmp

Filesize
112KB

Download
memory/2768-94-0x0000000004A90000-0x0000000004AAC000-memory.dmp

Filesize
112KB

Download
memory/2768-106-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2768-150-0x0000000005060000-0x000000000507C000-memory.dmp

Filesize
112KB

Download
memory/2768-91-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2776-111-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2808-157-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2808-149-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2840-93-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2852-165-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2896-174-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2896-163-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2908-103-0x0000000004C60000-0x0000000004C7C000-memory.dmp

Filesize
112KB

Download
memory/2908-0-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2908-90-0x0000000004C60000-0x0000000004C7C000-memory.dmp

Filesize
112KB

Download
memory/2908-123-0x0000000005650000-0x000000000566C000-memory.dmp

Filesize
112KB

Download
memory/2908-133-0x0000000005650000-0x000000000566C000-memory.dmp

Filesize
112KB

Download
memory/2908-56-0x0000000004C60000-0x0000000004C7C000-memory.dmp

Filesize
112KB

Download
memory/2908-96-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2908-152-0x0000000005650000-0x000000000566C000-memory.dmp

Filesize
112KB

Download
memory/2908-97-0x0000000004C60000-0x0000000004C7C000-memory.dmp

Filesize
112KB

Download
memory/2908-160-0x0000000005650000-0x000000000566C000-memory.dmp

Filesize
112KB

Download
memory/3012-146-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3012-139-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3200-173-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3236-189-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3428-177-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3464-175-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3504-176-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3776-183-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3776-178-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3792-186-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3860-180-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/4068-188-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download