e339b98e177687f76faf5774e44ba7dc0730974678663e128d56190f40032805

Analysis

max time kernel
139s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 00:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
Size

114KB
MD5

2a41526fb96b610c2c17d86e21f70550
SHA1

bd22ed704848fbd774e8daa8794eb716d92777f4
SHA256

e339b98e177687f76faf5774e44ba7dc0730974678663e128d56190f40032805
SHA512

4667f076f12554e2a6c4fafcfe5297fd2f6388a6c0cd330ac8e2eafbc7f78b920420fefc3545e9e7985b4b565c90a71c19e08058b9dd8122249e5fddee380578
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVze:RqlIyFESWu0SWuGSi

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3151) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\NOTICE.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\com-sun-tools-visualvm-modules-startup_ja.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\PresentationBuildTasks.resources.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Davis.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Entity.Resources.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\liblibmpeg2_plugin.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_es.properties.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multitabs.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\awt.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\plugin-container.exe.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Pyongyang.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\jconsole.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqloledb.rll.mui.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-lib-uihandler.xml_hidden.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-uihandler.xml.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\java.exe.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\Welcome.html.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\sd\icecast.luac.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\tr.pak.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\zip.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\osclientcerts.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\npvlc.dll.tmp	2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2a41526fb96b610c2c17d86e21f70550_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1616

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3452737119-3959686427-228443150-1000\desktop.ini.tmp

Filesize
114KB

MD5
854606c71024f3d8325275b8b0752d28

SHA1
321fd90127bdbb23e53deec3283b678f9b23fbdb

SHA256
155614a05c49f91ec062d807a1ab7382753a3e1059855dcb583778a3294fe2c3

SHA512
67873f9e9fd7d799056f7370ff238609aa82bb6869eb843350cd6ffbf3ce04384fa4427388688b7f74b6a6d5eee628b5228c783cccbb5c81b3468ccb30f57990

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
123KB

MD5
1db7f15cea1c1eb650c9f18205cb2222

SHA1
6bc66c914e0893831752ea567456bdcfa9add7e9

SHA256
163ca8170ca07f1958bb58e3f214029c7846910901f49f163608603dd930e859

SHA512
542c409f82e24e02af4d06248511c1ed8cbe10ab7595b83384bd9ebad69945b4cbe6dd7fc82a4a8c940fe785db3daee79854a8f3b7e452d94e5dd8f119daefa1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads