cd71dec8e67b25472829c5e511c16ec202e95cb7cf679c9fab264399ad0eaf99

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 22:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
Size

69KB
MD5

221dd154b1fb0e74f45652a44a9ff5e0
SHA1

a726dcd3da7fb3ede437ba4a42c46f6e7f6afbc8
SHA256

cd71dec8e67b25472829c5e511c16ec202e95cb7cf679c9fab264399ad0eaf99
SHA512

9df2216851abf232f2cc258a1ce336602b40b64d69ebbc17b3edc1cf44318f8bd3942b1f4b1de7856f8bce1f836822bcf0cb4f237719484e6adef24e9f5edb93
SSDEEP

768:W7Blp9pARFbhQSox/6Sox/ME4JAIAepE4JAIAeuDlmlQPc3f6Pc3f5TGotuMOiJ5:W7Z9pApQESOHepOHe8G+6E65TGAJ

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3482) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-charts.xml.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Easter.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\ja-JP\shvlzm.exe.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\authplay.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\ja-JP\DVDMaker.exe.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management\snmp.acl.template.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.smil_1.0.0.v200806040011.jar.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libwgl_plugin.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\ja-JP\SpiderSolitaire.exe.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\MpOAV.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\asl-v20.txt.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\cacerts.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Curacao.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\UIAutomationProvider.resources.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dial_lrg.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\en-US.pak.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Dushanbe.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-2.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\de-DE\js\picturePuzzle.js.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcer.dll.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\ja-JP\ImagingDevices.exe.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\fr-FR\css\cpu.css.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\css\settings.css.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\tnameserv.exe.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\en-US\PDIALOG.exe.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\sunec.dll.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\local_policy.jar.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnssci.dll.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipTsf.dll.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kwajalein.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_s.png.tmp	221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\221dd154b1fb0e74f45652a44a9ff5e0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp

Filesize
69KB

MD5
e29821f2f6a0264651ab74fd285e7b75

SHA1
a436b4223d11cea97598136a737d629f5bcf808b

SHA256
db63561ab2f7fd878c8a5f175bbe04f70f360b9aa03ec2c9aef5985f6de753b7

SHA512
b37b23680a4d25b1a666cde1ccd2ee7c1efa36c463028d7d398b45b46d4c2ee28aaac45c63a3306049349b5ed21738e1ddac635d7340681888963615e3d9ba26

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
78KB

MD5
8851bfe68311923d907debae5cce778f

SHA1
2bf11ce6716754f64191becd4ab9985a131b4089

SHA256
a3be5a89fbe48f2c08fb3d9c80e7ecb332c6ca2ab573f72d0e4cad1536d740e2

SHA512
23323ec0e8dba8ff2342e8b5547195d0d4b722723c5d0f6b070638b7265ddb86a87b0a3f8d47c2ada7aa0fa78609875403b76c984249fa391a12bdff6269ea60

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads