87a0b9b90076f7a396216b0107e4c8b08f051c132a99cc355546b84095ed8ce4

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 22:55

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
Size

131KB
MD5

22a02b1bb6d1bcac48c9d6234786afa0
SHA1

7c2d0401217715dbd2f42bb4848baee88e70a9ad
SHA256

87a0b9b90076f7a396216b0107e4c8b08f051c132a99cc355546b84095ed8ce4
SHA512

90b2fe3eafb4cc7b96df8a53c018e49b2f4fa79cf57b3119b1f10bc527559119b7a434588825c68cf18daa205487550227b9c19c27105e8938385a9c66fbea03
SSDEEP

1536:W7ZQpApjIZNdNnfFpsJOfFpsJ+n1k1jWk1j1yMKxJvlwJvlo:6QWpkzlfFpsJOfFpsJ+n6jByhJdwJdo

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3212) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\bin\dtplugin\deployJava1.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+8.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Orange Circles.htm.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerConstraints.exsd.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations.nl_zh_4.4.0.v20140623020002.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.IdentityModel.Resources.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tg.txt.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\PurblePlaceMCE.lnk.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\Microsoft.Build.Utilities.v3.5.resources.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\manifest.json.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\ct.sym.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jpeg.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.zh_CN_5.5.0.165303.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\sqmapi.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Merida.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.actionProvider.exsd.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\server\classes.jsa.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\CloseClear.dwg.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\it-IT\msinfo32.exe.mui.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\PresentationCore.resources.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\BlockResume.mhtml.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\ktab.exe.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\msinfo32.exe.mui.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs-nio2.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-print.xml_hidden.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Gaza.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\oledb32r.dll.mui.tmp	22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\22a02b1bb6d1bcac48c9d6234786afa0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-268080393-3149932598-1824759070-1000\desktop.ini.tmp

Filesize
132KB

MD5
254ceb360e75ca1781919bb05dbb349c

SHA1
6c1c62c329fcc1a04df73706ff1def1dc7be26bb

SHA256
b6486fdf846c1236710e68f25a838fa229cd6e82f71c2284d5d3e16b1e001297

SHA512
2d956471f833d25193b05b0ab26e700e26650c722bc2c26b900e40d278504e969933d21067fd204f0cf6f4536ca48752754b7687c09de664891361c97245afbf

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
141KB

MD5
1c87a2e3015e3b125a656990630dd25a

SHA1
664e7b6ec44325a9978c89f58c19cad777d948be

SHA256
0fefdcb2d01c7f67c0a1397bed49bb9ce7050e45cfa04d8217733291f183aec8

SHA512
89744859c190b799f3811dcbd7638a9a75d9553cf3a8552b10f79cf4079895bf92f1e13125e5f75ef4e2ca557df5746553accd6c45a87d1b1866e162987b4708

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads