1c2caa1c43214dd9988175f1a6f5a032c3daae1535d4b64e70ff2d4cada5c511

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10-05-2024 00:23

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
Size

93KB
MD5

2beac02a4c438cbff9473b7c443d7f60
SHA1

226505326b45239487b1ada85d66438b35d790d8
SHA256

1c2caa1c43214dd9988175f1a6f5a032c3daae1535d4b64e70ff2d4cada5c511
SHA512

b2aa5f40fa26cd090ac6a0dbf4e31a5d99a453bf5e8d8b222ae19796d3c41c1e3e1302631e91680ca7b8ebe6a035d84b6b296c78b8429450a2ae1c8b52047478
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKP76PDn+I+6:6rWpcOPxPke+e3fFpsJOfFpsJbgEOD5

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (511) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\networkinspection.dll.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\icudtl.dat.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsdan.xml.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\chrome.exe.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\lt.txt.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\directshowtap.ax.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jvmti.h.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\msvcr100.dll.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationLeft_ButtonGraphic.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\zh-CN\tipresx.dll.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\MemoryAnalyzer.dll.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\EditUse.cr2.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground_PAL.wmv.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javap.exe.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ug.txt.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InputPersonalization.exe.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\NOTICE.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\ShapeCollector.exe.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcor.dll.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsprofilerui.dll.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ku.txt.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcfr.dll.mui.tmp	2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2beac02a4c438cbff9473b7c443d7f60_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
93KB

MD5
de938d0e8c885379e56da1ef47e721a6

SHA1
7af134fb22687ffa699ba8b25b60307d6716121a

SHA256
b8d2e243a681b5d5b2242668b17bf923afbee390ada98b96c2449535b1d95e7a

SHA512
73b2b64f489b403a3863d7d29a74807b4cf5cea8a767dee5816624be120db383a9edc8f7a4a0146ef7d54c21a13d3421f7dd0592a4c14ff7787c965378fa09a0

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
102KB

MD5
e27f76da72779091e9714b997d7dc239

SHA1
6f23b31bba4477d390c72dc9a2c64d93a8627572

SHA256
6dde7f6c4b3237b9387ad55615b1d8e342f48f2b30d99c33fe41618f8322d846

SHA512
dda5b384ade5b7aa449f566446d64b532f9880456027638c3a8e6678b90ac43930a43799e894c4239e9b377b2ca8a8a1fa0a0165779534e3b4d897a85bca6ec8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads