9dfd129af3eb9d1d2fd7d57369053c11c64ed36c5888e6bb3026b3ad978a89a8

Analysis

max time kernel
37s
max time network
137s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 21:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
Size

2.0MB
MD5

103e76fde9cae0ddd9c130f04ddc91e0
SHA1

8d912d99df0e97be05242aaa69002903b9206ee8
SHA256

9dfd129af3eb9d1d2fd7d57369053c11c64ed36c5888e6bb3026b3ad978a89a8
SHA512

8613c1ea3b97dba1f46d69af30c4cba4f89f86c178d3d4aff26c671b3c2d14ae1767064ae892daefdb7cd54ab44d09d013b65456062de0fff81aca3db3bda1b1
SSDEEP

49152:mAph0Q1M8h3GztIvs5hWy3zqy1OCiQFcJFvHZSM8IrijcX:muLNQziE5hWEz3OCiQFoHZ+IGjcX

Score

7^/10

persistence spyware stealer upx

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/3044-0-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/files/0x0007000000015cc7-5.dat	upx
behavioral1/memory/2516-65-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2992-90-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2764-91-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2832-92-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2928-94-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2416-97-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3044-96-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2400-99-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2992-101-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2764-103-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2552-108-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2224-107-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2588-114-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2400-113-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2404-112-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2416-111-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1184-110-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3044-116-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2148-120-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/464-117-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2552-122-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1184-124-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2404-125-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2588-126-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3020-127-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2272-131-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2476-129-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1476-136-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/928-135-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1732-137-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3068-138-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2460-139-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2120-140-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2008-142-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1580-147-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1352-146-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2220-144-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/956-150-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1632-151-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1548-149-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1180-153-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/300-152-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2636-155-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1232-154-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1596-156-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2500-158-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/984-157-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1580-162-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2688-161-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1632-166-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2220-159-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2652-165-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1180-167-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2192-168-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2732-171-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1528-170-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2636-169-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2768-177-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2652-176-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2412-175-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2688-174-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2500-173-0x0000000000400000-0x000000000041E000-memory.dmp	upx

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\H:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\I:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\M:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\S:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\V:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\G:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\U:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\B:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\N:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\O:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\A:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\J:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\K:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\L:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\P:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\R:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\T:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\W:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\E:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File opened (read-only)	\??\X:	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\IME\shared\cumshot [bangbus] (Britney).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\lingerie gay sleeping shower (Kathrin).rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\russian sperm licking sm (Gina,Jade).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\chinese cum kicking catfight castration .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\indian bukkake big upskirt (Liz).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\beast kicking public sm (Liz,Tatjana).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\trambling kicking girls .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\tyrkish porn handjob voyeur cock .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\german action fucking catfight fishy .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\beastiality licking sweet .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\spanish lesbian handjob uncut latex .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\canadian blowjob big pregnant .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\lesbian cum public .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\animal lesbian nipples .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\norwegian horse cumshot several models ash (Sylvia).zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\italian bukkake gay hot (!) shoes (Jade).mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\spanish beast handjob lesbian titts shower .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\african fucking handjob big titts .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\lingerie horse sleeping black hairunshaved .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\danish sperm [bangbus] upskirt (Karin,Christine).zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\danish fucking public .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\chinese lingerie [free] feet gorgeoushorny .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\bukkake action [milf] swallow .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\swedish blowjob hidden swallow .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\french porn lesbian .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\beast cumshot big .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\sperm voyeur vagina .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_6f0f7833cb71e18d\animal fetish [bangbus] .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_en-us_00f45b041e1e8fd3\sperm blowjob public sm .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\cum lesbian hot (!) (Christine).zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\Temp\asian action hidden femdom .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0993a1b8823a4e79\norwegian xxx girls fishy .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\kicking fucking [milf] (Gina).mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_6.1.7601.17514_none_34400a5790d1d336\american gang bang fetish lesbian mistress .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_095efe9c8261401e\spanish hardcore licking black hairunshaved .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\chinese nude horse [milf] hole sweet .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\french animal several models mistress .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_es-es_00bfb7e81e458178\horse sleeping hole bedroom .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared_31bf3856ad364e35_6.1.7600.16385_none_6377027f0030a06a\spanish blowjob catfight boots .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_it-it_18a6fde3093acac7\cumshot hardcore lesbian glans (Kathrin,Jenna).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_0ac4ebfc358e5ec0\canadian horse [bangbus] balls (Sandy).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_05ea1d9b8e2bf020\russian lingerie masturbation ash blondie (Sonja,Anniston).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\lesbian gang bang lesbian high heels .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_8c6fc5a7aa8c435d\lingerie blowjob [free] swallow .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_2e7f079c3208e549\lingerie xxx public nipples (Karin,Sonja).mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfolders-adm_31bf3856ad364e35_6.1.7600.16385_none_af6f98ff87b0e3cc\trambling trambling big .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_00225053e03f4c04\handjob trambling voyeur .avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ad7c61fb28607522\porn big (Jade,Tatjana).mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_c26c5b8280c6af34\russian trambling voyeur .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\InstallTemp\nude voyeur glans leather .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\malaysia action [milf] boots .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\handjob hardcore sleeping .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\horse fetish uncut (Janette,Melissa).rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_dba3691c6002e10e\fetish lesbian .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\asian nude [milf] hole 40+ (Ashley).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\american handjob blowjob lesbian hole bondage .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\lesbian kicking full movie feet girly .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_it-it_ea4a469ab7713182\hardcore [bangbus] hotel .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\bukkake licking legs femdom .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\horse girls ash (Sylvia).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_f0ca3430257ea13f\porn hot (!) (Liz).mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_7bfdfb15e7184c41\british horse [bangbus] cock .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_3863e9ef3f804dd9\brasilian beast masturbation cock young (Sonja).zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-aspnet_installsqlstatetemp_b03f5f7f11d50a3a_6.1.7600.16385_none_5e4ff1f4cf2dee9b\beast girls cock bedroom (Jenna).rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\xxx masturbation .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\lingerie gang bang sleeping castration (Kathrin).mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-vsssystemprovider_31bf3856ad364e35_6.1.7600.16385_none_a727eb798dcfb185\african handjob [bangbus] legs sweet (Jade,Jade).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\german horse gang bang sleeping high heels (Janette,Karin).rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_cd2006602e5ee22e\german beast [milf] upskirt .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_f3c374fc18118ca2\spanish nude porn catfight .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_4d274741486b900c\cumshot hardcore hot (!) nipples boots .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\asian cum handjob sleeping .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_d81c96999f75bd77\horse animal girls (Sarah,Janette).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\horse public .rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\kicking hot (!) upskirt (Gina).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_515dc677700303ec\handjob fetish girls high heels .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\cum [milf] .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_293ea1e3e6bc5364\action full movie vagina (Sandy,Samantha).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\canadian cumshot voyeur lady .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_39c9d74ef2ad6c7b\horse catfight glans latex .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_9498b282333b64ec\canadian beastiality licking (Sonja).zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ac16749b75335680\swedish cumshot big (Ashley,Anniston).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\japanese blowjob sleeping .mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\trambling hidden granny (Gina,Melissa).rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_657d9a203abeb154\norwegian animal hot (!) vagina wifey .zip.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_f25d066604c2ad34\horse lingerie lesbian .mpg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_39374e2435a71b47\kicking nude uncut black hairunshaved (Ashley,Sonja).rar.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.1.7600.16385_none_2958d4a31d2ec64f\french gang bang handjob [milf] boobs stockings (Tatjana,Curtney).avi.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\trambling sleeping pregnant (Samantha).mpeg.exe	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2224	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2400	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
464	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2148	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
1184	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2404	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2552	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2224	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2588	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
3020	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2476	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
464	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2272	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2400	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
1732	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
1476	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
3068	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2008	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2008	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2120	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2120	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2460	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2460	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
1352	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
1352	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
1548	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
1548	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
956	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
956	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
300	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
300	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3044 wrote to memory of 2516	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	28
PID 3044 wrote to memory of 2516	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	28
PID 3044 wrote to memory of 2516	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	28
PID 3044 wrote to memory of 2516	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	28
PID 2516 wrote to memory of 2992	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	29
PID 2516 wrote to memory of 2992	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	29
PID 2516 wrote to memory of 2992	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	29
PID 2516 wrote to memory of 2992	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	29
PID 3044 wrote to memory of 2764	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	30
PID 3044 wrote to memory of 2764	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	30
PID 3044 wrote to memory of 2764	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	30
PID 3044 wrote to memory of 2764	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	30
PID 2992 wrote to memory of 2832	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	31
PID 2992 wrote to memory of 2832	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	31
PID 2992 wrote to memory of 2832	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	31
PID 2992 wrote to memory of 2832	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	31
PID 2516 wrote to memory of 2928	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	32
PID 2516 wrote to memory of 2928	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	32
PID 2516 wrote to memory of 2928	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	32
PID 2516 wrote to memory of 2928	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	32
PID 2764 wrote to memory of 2224	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	33
PID 2764 wrote to memory of 2224	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	33
PID 2764 wrote to memory of 2224	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	33
PID 2764 wrote to memory of 2224	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	33
PID 3044 wrote to memory of 2416	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	34
PID 3044 wrote to memory of 2416	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	34
PID 3044 wrote to memory of 2416	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	34
PID 3044 wrote to memory of 2416	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	34
PID 2992 wrote to memory of 2400	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	35
PID 2992 wrote to memory of 2400	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	35
PID 2992 wrote to memory of 2400	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	35
PID 2992 wrote to memory of 2400	2992	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	35
PID 2832 wrote to memory of 464	2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	36
PID 2832 wrote to memory of 464	2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	36
PID 2832 wrote to memory of 464	2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	36
PID 2832 wrote to memory of 464	2832	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	36
PID 2928 wrote to memory of 2148	2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	37
PID 2928 wrote to memory of 2148	2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	37
PID 2928 wrote to memory of 2148	2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	37
PID 2928 wrote to memory of 2148	2928	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	37
PID 2516 wrote to memory of 1184	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	38
PID 2516 wrote to memory of 1184	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	38
PID 2516 wrote to memory of 1184	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	38
PID 2516 wrote to memory of 1184	2516	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	38
PID 2224 wrote to memory of 2552	2224	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	39
PID 2224 wrote to memory of 2552	2224	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	39
PID 2224 wrote to memory of 2552	2224	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	39
PID 2224 wrote to memory of 2552	2224	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	39
PID 2764 wrote to memory of 2404	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	40
PID 2764 wrote to memory of 2404	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	40
PID 2764 wrote to memory of 2404	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	40
PID 2764 wrote to memory of 2404	2764	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	40
PID 2416 wrote to memory of 2588	2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	41
PID 2416 wrote to memory of 2588	2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	41
PID 2416 wrote to memory of 2588	2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	41
PID 2416 wrote to memory of 2588	2416	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	41
PID 3044 wrote to memory of 3020	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	42
PID 3044 wrote to memory of 3020	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	42
PID 3044 wrote to memory of 3020	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	42
PID 3044 wrote to memory of 3020	3044	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	42
PID 464 wrote to memory of 2476	464	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	43
PID 464 wrote to memory of 2476	464	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	43
PID 464 wrote to memory of 2476	464	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	43
PID 464 wrote to memory of 2476	464	103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3044
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2516
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2992
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2832
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:464
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2476
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:1580
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:3352
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:5628
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        10⤵
        
        PID:14876
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:8824
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:15612
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:4632
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:8928
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:14652
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:6992
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:11128
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:3448
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:5696
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:14888
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:9356
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:15720
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:4684
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:9156
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:18104
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:7132
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:13452
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:2220
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:5596
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:14740
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:8580
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:16128
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:4644
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:8796
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:17044
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:7108
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14692
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:5652
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:14232
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8832
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14804
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8892
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15628
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7012
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11112
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:3068
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:2688
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:3900
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:6572
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:6652
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:10996
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:21348
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:5328
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:10252
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:19084
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8012
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:15012
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14716
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3756
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:5992
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:13436
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:9932
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:19100
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5140
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:10884
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:19936
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7984
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:16176
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:2364
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:6956
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:11096
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:10248
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5776
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14224
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9184
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15484
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3820
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6420
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9972
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:19060
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5216
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10900
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:20128
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7964
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15444
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2400
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2272
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:1632
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:5764
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        9⤵
        
        PID:14896
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:8808
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:14812
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:4780
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:9172
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:17464
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:7360
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14676
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:5708
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:14732
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8356
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15652
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4672
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8020
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:16348
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7084
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11152
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:1180
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3576
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:5868
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:20144
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:9236
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:19076
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:9340
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15372
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7336
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11160
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:17000
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3544
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14240
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9192
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:17440
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4816
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:8764
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15268
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7184
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14324
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14844
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:928
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:2636
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3676
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:5528
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:14480
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:9696
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:19116
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4668
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8232
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:15620
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:9164
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:18128
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:8000
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:16208
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3616
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5956
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14912
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9312
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15072
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5068
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9776
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:19052
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7408
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15604
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2192
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3700
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7100
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14780
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5792
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14860
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9320
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14984
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:3808
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6444
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9744
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:18016
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:5204
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:10292
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:18172
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:7400
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:14772
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2928
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2148
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:300
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3136
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:156
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:8372
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:16340
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:7824
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15832
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4460
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8276
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:19920
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:14836
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6896
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11036
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:16876
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:808
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:9500
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15472
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7428
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14788
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4308
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7724
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15588
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6388
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:16652
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9736
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:17432
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1476
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:2500
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3856
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:6504
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:10168
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:18088
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5224
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:10280
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:18112
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7956
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14944
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3712
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5772
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:19944
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10192
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:18080
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4832
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9760
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:18064
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7784
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:16144
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2768
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3980
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6752
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10184
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:18072
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5368
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10236
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:18032
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7712
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11192
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:3780
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6328
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:21340
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9980
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15788
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:5172
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:10916
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:604
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:7812
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:15660
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1184
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:956
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:288
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4596
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8948
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:17760
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7004
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11136
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3708
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6452
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11200
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5940
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14248
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9228
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:18120
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2752
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4980
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9768
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:17984
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7420
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14316
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15412
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4284
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7768
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15596
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6160
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:21040
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:10988
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:7060
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1732
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2732
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3652
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6036
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:6748
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9328
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14904
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4660
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10876
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:20152
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7444
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14972
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15692
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:3628
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6012
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:13664
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9348
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15712
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4536
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9940
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14452
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:7476
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:14920
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:2652
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:3248
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6980
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14852
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:5576
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14196
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:8816
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:14636
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:3768
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6256
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:21032
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:10208
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:18040
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:5152
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:10892
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:12580
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:7800
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:15684
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2764
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2224
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2552
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:1232
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3200
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:5276
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:10264
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        8⤵
        
        PID:18184
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:7868
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15772
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4492
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8588
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:16120
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6932
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11020
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10372
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:1512
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5112
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:9752
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:17472
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7500
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15088
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15676
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4328
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7748
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15080
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6320
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:20572
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9720
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:17992
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2120
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:1676
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4352
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8180
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:11168
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6464
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:16556
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9964
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15644
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3960
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6664
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10964
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:3648
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5344
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10148
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:19044
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7756
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11176
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:1140
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4620
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7796
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14828
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7024
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14184
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4156
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6336
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14752
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6020
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:19520
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:9480
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:15748
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2404
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1548
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:2412
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4388
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:8440
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:15816
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6476
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10956
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10336
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4064
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6824
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9688
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:19108
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5544
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:11056
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:8668
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15800
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2520
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4940
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9712
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:19092
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7348
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14928
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11120
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4272
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7980
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11184
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6148
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15024
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:9988
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:15764
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2460
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2436
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4452
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:8364
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:13192
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6760
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:4172
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9728
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:17516
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4072
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6808
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:6816
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:10176
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:18056
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:5536
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14796
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:8524
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:14684
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:2672
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4552
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:8596
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14668
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:7036
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:14308
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:4052
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6776
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:18192
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:10160
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:18024
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:5500
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:11028
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:15744
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:8448
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:14724
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2416
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2588
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:984
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:3224
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:5240
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:11004
        
        C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        7⤵
        
        PID:19912
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7940
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14056
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4504
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:8604
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14820
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:6924
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14256
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11012
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14116
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2924
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4216
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:9956
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:16136
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7452
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:16160
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4404
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7736
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11208
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6436
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:21332
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:10200
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:18048
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2008
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:2748
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:4244
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:8052
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:15840
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:980
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14216
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9528
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15824
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4080
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7064
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11104
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:5520
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11064
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:17268
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:8660
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:15636
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:2280
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4428
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:8256
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14764
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6728
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:10972
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6568
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:3988
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6704
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:9704
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:19068
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:5408
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:11072
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:8572
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:16152
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3020
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:1596
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:3256
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:5296
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:10228
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:17052
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7912
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:7076
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15728
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4528
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7932
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:11144
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6904
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:11048
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:17240
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:1872
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4608
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:9948
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:15780
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:7492
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14644
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:15420
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:4316
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:7688
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14868
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:16356
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:6168
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:14288
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:10980
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:16656
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1352
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:1528
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:4200
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:7056
      - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        6⤵
        
        PID:14300
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:14264
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6128
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:20164
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:9488
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:15464
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:3908
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:6628
    - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
        5⤵
        
        PID:19928
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:11080
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:12408
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:5336
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:10908
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:20136
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:7436
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:15756
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  PID:1792
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:5008
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:9784
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:19124
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:7392
  - - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
      4⤵
      PID:21356
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:16168
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  PID:4296
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:7656
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:15700
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  PID:6208
- - C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
    3⤵
    PID:10384
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  PID:10216
- C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\103e76fde9cae0ddd9c130f04ddc91e0_NeikiAnalytics.exe"
  2⤵
  PID:18096

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\italian bukkake gay hot (!) shoes (Jade).mpg.exe

Filesize
842KB

MD5
59e17fef71edb9ad3d9acba7ae7b77ca

SHA1
798c4226e6e4c85b19b82488fdb473b98ac9a7d4

SHA256
ea57770f5dd0efe1ef1596923d2c790191349d605a42c543082bb0672f6c4a93

SHA512
4db3d076e511ebc285983db70a29808cd1257ed849c3d65b26821bcd3e5456a3c729c4e12d5cf62d25b28bdeedc14bdb7b797f22ee9881fd9d3fa4ecea38957a

Download Submit
C:\debug.txt

Filesize
183B

MD5
77318ffd90f5480e54b267f2c86c5669

SHA1
3adf5dc2397231e94e993f7fd1fead86057a30fd

SHA256
7e39c99b49c7feec9f1aa60bc08065edb03927044fda2d589a0eb7045d670e02

SHA512
1569c9bf0dbca06ec8b89956713bd372e84e0636a436c94a3a64f9ff1af2f027be73729e318bbaa5e85dd3635180eb3a3f3e2c03702a702f23796dbf7d56cba6

Download Submit
memory/300-152-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/464-117-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/928-135-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/956-178-0x00000000045A0000-0x00000000045BE000-memory.dmp

Filesize
120KB

Download
memory/956-150-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/984-157-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1180-167-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1180-153-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1184-110-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1184-124-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1184-148-0x0000000004810000-0x000000000482E000-memory.dmp

Filesize
120KB

Download
memory/1184-182-0x0000000004810000-0x000000000482E000-memory.dmp

Filesize
120KB

Download
memory/1232-154-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1352-146-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1476-136-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1528-170-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1528-181-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1548-149-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1580-162-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1580-147-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1596-156-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1632-151-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1632-166-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1676-184-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1732-137-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2008-142-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2120-140-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2148-120-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2192-168-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2192-179-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2220-159-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2220-144-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2224-106-0x0000000004A90000-0x0000000004AAE000-memory.dmp

Filesize
120KB

Download
memory/2224-121-0x0000000004A90000-0x0000000004AAE000-memory.dmp

Filesize
120KB

Download
memory/2224-107-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2224-128-0x0000000004F20000-0x0000000004F3E000-memory.dmp

Filesize
120KB

Download
memory/2272-131-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2272-164-0x0000000000770000-0x000000000078E000-memory.dmp

Filesize
120KB

Download
memory/2364-180-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2400-99-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2400-113-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2400-118-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/2400-130-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/2404-112-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2404-125-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2412-175-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2416-97-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2416-111-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2460-139-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2476-160-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/2476-129-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2476-145-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/2500-158-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2500-173-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2516-104-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/2516-93-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/2516-65-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2516-163-0x0000000004F20000-0x0000000004F3E000-memory.dmp

Filesize
120KB

Download
memory/2516-89-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/2516-100-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/2516-105-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/2552-122-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2552-108-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2588-126-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2588-114-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2588-141-0x0000000004580000-0x000000000459E000-memory.dmp

Filesize
120KB

Download
memory/2636-155-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2636-169-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2652-176-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2652-165-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2688-174-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2688-161-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2732-171-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2748-183-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2764-103-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2764-95-0x0000000004A90000-0x0000000004AAE000-memory.dmp

Filesize
120KB

Download
memory/2764-91-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2768-177-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2832-92-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2832-123-0x0000000004F20000-0x0000000004F3E000-memory.dmp

Filesize
120KB

Download
memory/2928-119-0x0000000004A90000-0x0000000004AAE000-memory.dmp

Filesize
120KB

Download
memory/2928-94-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2928-133-0x0000000005060000-0x000000000507E000-memory.dmp

Filesize
120KB

Download
memory/2992-101-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2992-132-0x0000000004CE0000-0x0000000004CFE000-memory.dmp

Filesize
120KB

Download
memory/2992-90-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3020-127-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3044-0-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3044-96-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3044-116-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3044-109-0x0000000004A20000-0x0000000004A3E000-memory.dmp

Filesize
120KB

Download
memory/3044-102-0x0000000004A20000-0x0000000004A3E000-memory.dmp

Filesize
120KB

Download
memory/3044-134-0x0000000004A20000-0x0000000004A3E000-memory.dmp

Filesize
120KB

Download
memory/3044-64-0x0000000001ED0000-0x0000000001EEE000-memory.dmp

Filesize
120KB

Download
memory/3044-292-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3044-98-0x0000000001ED0000-0x0000000001EEE000-memory.dmp

Filesize
120KB

Download
memory/3044-458-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3068-172-0x0000000004A90000-0x0000000004AAE000-memory.dmp

Filesize
120KB

Download
memory/3068-138-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download