fef8a21d083b2a01b0602db7f82c91dcabb15662fc04c1497830838ed06082d5

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
10-05-2024 02:06

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
Size

96KB
MD5

473e183a08cb69145b7d2d9e0f148ae0
SHA1

ede40693188f4faaba9971d4ebbcdad99d9ff212
SHA256

fef8a21d083b2a01b0602db7f82c91dcabb15662fc04c1497830838ed06082d5
SHA512

3abe01f2d474f07364e83cbb2a3646781c742ee7042dfbd9ee70c62fc39015ea62a6319a95d1f17b7696d7cdb30982cea3e41c082cfcd221be7c1683070b1fde
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKP76n:6rWpcOPxPke+e3fFpsJOfFpsJbgES

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3559) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Fiji.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhds_plugin.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.ja_5.5.0.165303\feature.properties.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\logging.properties.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Palmer.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\librist_plugin.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\CIEXYZ.pf.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Copenhagen.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\VisualElements\VisualElements_70.png.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\smtp.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Eirunepe.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\ja-JP\ChkrRes.dll.mui.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Sitka.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Whitehorse.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-8.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_windy.png.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\serialver.exe.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_es.properties.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\gimap.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\cacerts.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mip.exe.mui.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\adovbs.inc.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\settings.html.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Optional\README.TXT.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\css\currency.css.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-timezone-l1-1-0.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\WindowsBase.resources.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.Printing.resources.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\cmm\sRGB.pf.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.ServiceModel.Resources.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\zh-TW\tipresx.dll.mui.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll.tmp	473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\473e183a08cb69145b7d2d9e0f148ae0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2392

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
96KB

MD5
29c980c2d79e527e63d589f904130330

SHA1
b904f75ff5482203d1a010e2f92aceae4ef7224f

SHA256
22cbfab33e2cba8dcc0e37b5f53fe5e2bf17c34b809a180913112d73bde88e03

SHA512
f00463bd883beaa3f93d9495a9fcf03539eca570d3e66b85ba9a251a598df5418f79bc6334d915e2703ab432b2891aeb119175c5c842c6eb8cf01d22a3db111a

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
105KB

MD5
9c6909c692184d96da2fb48370769a44

SHA1
56ceb93eb81f8a13c3d7a3a296012b78bb519add

SHA256
6edde57c11998d7f0da6b32e15ac0dd0e195c5203eabf6e3e0b310d83661fbbd

SHA512
667ec766c02bc1f6dfe724f2d6033b117f8e506d16b85b486ac7c0c506a80fb0626da56f4f8cac7938b0da1e30ebea9752cee4fd9addd01b1d700a357aea353c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads