78c2a2fd7882002ec023a19dacac977952eeff9cabc38e422907f4c6743a4688

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 22:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
Size

113KB
MD5

1456ea4ffeb2ae4c97d76afa1bd8dd00
SHA1

b853a1b84ce56916bffbbce9ed14e2d46586c7c0
SHA256

78c2a2fd7882002ec023a19dacac977952eeff9cabc38e422907f4c6743a4688
SHA512

cbaa506ab17297cda8822c99f5d60e9cad5a4ae5c0760f9f19f4b568c5e10b09f75483663dfd9adb9ca32e08ac86dc96bf47da389b96a1d1478e1278f73e979e
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVz0:RqlIyFESWu0SWuGSI

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3454) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Microsoft Games\Minesweeper\en-US\Minesweeper.exe.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\fr-FR\TableTextService.dll.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\Microsoft.Build.Engine.resources.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_ja.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\MSOHEV.DLL.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Services.Client.resources.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Paris.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\es-ES\wab32res.dll.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_zh_4.4.0.v20140623020002.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\trusted.libraries.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\twitch.luac.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Antigua.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationRight_SelectionSubpicture.png.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoCanary.png.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\More Games\MoreGames.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\firefox.exe.sig.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.ServiceModel.Resources.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcfr.dll.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.Printing.resources.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\fr-FR\Hearts.exe.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\uninstall.exe.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_zh_CN.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l1-2-0.dll.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\mpvis.dll.mui.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Windhoek.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif.tmp	1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1456ea4ffeb2ae4c97d76afa1bd8dd00_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp

Filesize
113KB

MD5
7cac667c0dc2416f215335703df595b6

SHA1
57ea28e7a31095cb0fd2241380f428041f3c66bd

SHA256
54e606db12e19e975fb0a9413dcec92cffe9607339904dc7a7e12010b080b7ea

SHA512
c999a2e8f8728b7eca0cca5b72cb747e689b0509d7d4dece7869c7b451c81a6c52e2140933fd9cf63a1ac14a7027cb5b91eb7b394e01edb462715d72d0db2d11

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
122KB

MD5
52040377e503d06811a5269f42f6efa5

SHA1
ecba359baa9f19380613e5ae32ef088d8342c6ad

SHA256
f43af075e068c07575d881055aac2059d24b4675b388047f37c6233d7295d999

SHA512
d9b6a3f90dded6d1f302d9fe60bbef969d0ccc00e68113a8666c39be9e344ebd3fbc587665934518cb44b7424c878e7551e5fe0540993911e08b22ad007f3bf6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads