069545197966bde77c906238e6f4f96a681201704e4b4c80a4d460911ada2f51

Analysis

max time kernel
27s
max time network
150s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 02:10 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
Size

1.3MB
MD5

4819fbb18a971f4664a4e7cab074ca40
SHA1

b5009e079309574cc2117eb30bd7c437b88a56c0
SHA256

069545197966bde77c906238e6f4f96a681201704e4b4c80a4d460911ada2f51
SHA512

9410204591f5225bbae08038c28fe8f1af485f3414d257c1f7c9915bb7b95cc7152f05a84f54fdc7fa88b0d034b68d1fdc2cfce25eb9e39a130580ff6bd53844
SSDEEP

24576:oW18pU5RzwL4v7ZfdmGWirSvsqy2B73zmGE0Djnuxn3fAG4+Rwb1Hgs:V1r5t7mGTAXdY2u93IG4+RwJN

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\M:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\O:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\P:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\T:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\B:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\E:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\H:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\N:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\S:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\W:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\X:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\A:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\G:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\R:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\I:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\L:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\U:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\V:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\J:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File opened (read-only)	\??\K:	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\Temp\gay lesbian castration (Jenna).mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\bukkake hot (!) ejaculation .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\beastiality sleeping gorgeoushorny (Ashley).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\british sperm public upskirt .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\norwegian gay licking (Samantha).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\brasilian gay masturbation (Anniston,Jenna).mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\danish cumshot licking glans (Tatjana).avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\horse [free] .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\beastiality public young (Karin,Gina).mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\porn lingerie [bangbus] .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Google\Temp\british animal lesbian girls boobs .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\danish horse voyeur .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\danish xxx beast full movie gorgeoushorny .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\swedish action blowjob [free] shoes (Sandy).zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\gang bang handjob big .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\horse beast [bangbus] gorgeoushorny (Britney,Gina).avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\sperm action public (Janette).zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\russian hardcore trambling public .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\beast gay lesbian lady .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\beast uncut .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\british lingerie hot (!) boobs .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\chinese handjob masturbation 50+ .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\chinese cumshot bukkake masturbation wifey .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\canadian sperm [bangbus] (Sarah).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\asian hardcore several models cock (Sylvia).zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\lesbian action masturbation mature .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\kicking porn public glans lady .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\asian porn horse hot (!) legs .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\japanese xxx licking .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_2fc4a33adb648f33\british action several models .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\malaysia fetish handjob big hole mature .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\fetish gay girls bedroom .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b4aea777fe683838\beast uncut .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0af98f1835676d1b\german beast big (Sonja,Kathrin).mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_d81c96999f75bd77\african horse hidden .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_657d9a203abeb154\african sperm bukkake hot (!) 50+ .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_6f0f7833cb71e18d\asian nude masturbation legs (Ashley).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\blowjob gang bang girls traffic .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\asian fetish several models (Kathrin).mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\lingerie public .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\security\templates\french nude porn [bangbus] hole castration (Kathrin).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_293ea1e3e6bc5364\gang bang girls pregnant .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\french fetish xxx girls .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_6.1.7600.16385_none_8419660d1cc97b24\swedish bukkake horse several models blondie .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_it-it_ea4a469ab7713182\chinese xxx lingerie masturbation boobs beautyfull .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\wow64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_79642285ffd2a388\black fucking [free] ejaculation (Tatjana).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\german cum full movie (Karin).mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-vsssystemprovider_31bf3856ad364e35_6.1.7600.16385_none_a727eb798dcfb185\gay bukkake girls (Anniston,Britney).mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_dba3691c6002e10e\nude handjob several models nipples bondage .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\asian animal gang bang [bangbus] upskirt .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\chinese cumshot nude uncut traffic (Ashley,Sonja).avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\malaysia lesbian licking black hairunshaved .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_bacc7ceffc55dca2\malaysia lingerie [bangbus] femdom .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfolders-adm_31bf3856ad364e35_6.1.7600.16385_none_af6f98ff87b0e3cc\canadian porn kicking lesbian .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\beast catfight gorgeoushorny (Jenna).mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\german beastiality cum public cock .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\russian action beast licking legs 50+ .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_0ac4ebfc358e5ec0\kicking lingerie public boobs 40+ .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_6208b91f46896156\animal public .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ad7c61fb28607522\xxx xxx full movie ìï .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_97a45841ff925aa0\danish bukkake fucking lesbian titts femdom .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp\beast [milf] feet swallow .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\black trambling sperm [milf] beautyfull .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\lingerie lesbian uncut fishy .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_99b74194b7347cab\fetish hidden upskirt (Anniston,Curtney).zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared_31bf3856ad364e35_6.1.7600.16385_none_6377027f0030a06a\lingerie lesbian .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_f0ca3430257ea13f\malaysia porn bukkake hidden feet YEâPSè& .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_39374e2435a71b47\italian sperm porn public .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_c26c5b8280c6af34\swedish horse full movie vagina granny .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-aspnet_installsqlstatetemp_b03f5f7f11d50a3a_6.1.7600.16385_none_16a2bb1dbab1c595\german xxx [milf] granny (Melissa).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\british horse uncut sweet .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\InstallTemp\action [milf] latex .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\assembly\temp\indian animal sperm masturbation .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\african horse kicking girls leather .mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\porn voyeur ash .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_8bfc34b93f0fdd42\bukkake fucking hidden (Sonja).avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_it-it_18a6fde3093acac7\danish lesbian uncut blondie (Janette,Sonja).mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\african nude public hole leather .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_bcc167434bb9b3ea\horse nude public .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\african sperm [bangbus] (Anniston,Gina).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e30b5ec05031d17d\african sperm hidden gorgeoushorny (Janette).rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_9498b282333b64ec\asian gay lesbian shoes .rar.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\Temp\japanese horse catfight boobs .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\black blowjob nude lesbian boobs mistress (Melissa).avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_f27c4f066f5c6701\gay horse hot (!) (Sonja,Liz).mpg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_es-es_00bfb7e81e458178\blowjob licking ejaculation (Sylvia,Sarah).avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_es-es_8bc7919d3f36cee7\italian horse beastiality girls .zip.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\chinese horse sperm hot (!) cock .avi.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_1412267f4b3bb985\animal handjob hot (!) .mpeg.exe	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
3024	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1716	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
652	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
800	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2476	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
3024	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2616	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
844	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1420	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1508	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
836	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1716	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2260	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2928	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
652	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
776	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
664	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
584	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
800	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1504	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
3024	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
628	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1812	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2484	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2484	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2476	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2476	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2616	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2616	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
844	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
844	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1508	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1508	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2332	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
2332	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1532	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
1532	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2188 wrote to memory of 2656	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	28
PID 2188 wrote to memory of 2656	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	28
PID 2188 wrote to memory of 2656	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	28
PID 2188 wrote to memory of 2656	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	28
PID 2656 wrote to memory of 2208	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	29
PID 2656 wrote to memory of 2208	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	29
PID 2656 wrote to memory of 2208	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	29
PID 2656 wrote to memory of 2208	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	29
PID 2188 wrote to memory of 2604	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	30
PID 2188 wrote to memory of 2604	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	30
PID 2188 wrote to memory of 2604	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	30
PID 2188 wrote to memory of 2604	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	30
PID 2208 wrote to memory of 3024	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	31
PID 2208 wrote to memory of 3024	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	31
PID 2208 wrote to memory of 3024	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	31
PID 2208 wrote to memory of 3024	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	31
PID 2604 wrote to memory of 3036	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	32
PID 2604 wrote to memory of 3036	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	32
PID 2604 wrote to memory of 3036	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	32
PID 2604 wrote to memory of 3036	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	32
PID 2656 wrote to memory of 1540	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	33
PID 2656 wrote to memory of 1540	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	33
PID 2656 wrote to memory of 1540	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	33
PID 2656 wrote to memory of 1540	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	33
PID 2188 wrote to memory of 1716	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	34
PID 2188 wrote to memory of 1716	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	34
PID 2188 wrote to memory of 1716	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	34
PID 2188 wrote to memory of 1716	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	34
PID 3024 wrote to memory of 652	3024	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	35
PID 3024 wrote to memory of 652	3024	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	35
PID 3024 wrote to memory of 652	3024	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	35
PID 3024 wrote to memory of 652	3024	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	35
PID 3036 wrote to memory of 2476	3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	36
PID 3036 wrote to memory of 2476	3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	36
PID 3036 wrote to memory of 2476	3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	36
PID 3036 wrote to memory of 2476	3036	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	36
PID 1540 wrote to memory of 800	1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	37
PID 1540 wrote to memory of 800	1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	37
PID 1540 wrote to memory of 800	1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	37
PID 1540 wrote to memory of 800	1540	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	37
PID 2208 wrote to memory of 2616	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	38
PID 2208 wrote to memory of 2616	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	38
PID 2208 wrote to memory of 2616	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	38
PID 2208 wrote to memory of 2616	2208	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	38
PID 1716 wrote to memory of 1420	1716	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	39
PID 1716 wrote to memory of 1420	1716	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	39
PID 1716 wrote to memory of 1420	1716	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	39
PID 1716 wrote to memory of 1420	1716	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	39
PID 2604 wrote to memory of 844	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	40
PID 2604 wrote to memory of 844	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	40
PID 2604 wrote to memory of 844	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	40
PID 2604 wrote to memory of 844	2604	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	40
PID 2188 wrote to memory of 1508	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	41
PID 2188 wrote to memory of 1508	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	41
PID 2188 wrote to memory of 1508	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	41
PID 2188 wrote to memory of 1508	2188	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	41
PID 2656 wrote to memory of 836	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	42
PID 2656 wrote to memory of 836	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	42
PID 2656 wrote to memory of 836	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	42
PID 2656 wrote to memory of 836	2656	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	42
PID 652 wrote to memory of 2260	652	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	43
PID 652 wrote to memory of 2260	652	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	43
PID 652 wrote to memory of 2260	652	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	43
PID 652 wrote to memory of 2260	652	4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2188
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2656
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2208
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:3024
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:652
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:2224
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:5412
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        10⤵
        
        PID:10536
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        10⤵
        
        PID:20164
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:7568
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:14800
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:1356
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:4524
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:8480
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:15304
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:14364
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:6524
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:10128
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:20188
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:3412
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:5552
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:9120
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:14476
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:12556
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:8524
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:14484
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:12224
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:4820
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:9104
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:14444
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:13824
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:7060
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:9804
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:10560
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:19668
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:2156
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:3420
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:5460
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:21468
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:8392
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:14808
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:2092
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:4852
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:9080
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:15984
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:6844
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11836
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11892
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3524
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:5800
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8868
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:15916
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5040
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9364
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:20660
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6376
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9664
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14752
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14108
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:664
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:1568
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:3712
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:6156
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        9⤵
        
        PID:21988
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:9948
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:15944
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:5236
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:10248
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:4688
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:7364
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:21228
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:10112
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:19572
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3548
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:6116
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:11432
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8800
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:15328
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:14144
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4264
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8860
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7788
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14828
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13268
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:2664
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4084
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:7128
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11540
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:16112
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5768
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11472
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:8844
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16040
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3612
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6040
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10028
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10208
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4660
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11216
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9872
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7644
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11508
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:16236
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:22200
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2616
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:584
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:1800
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:3840
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:6412
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:10020
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:1948
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:5368
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:10584
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:12664
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8384
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:14648
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:4236
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:5316
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9500
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9424
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4564
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9860
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:21368
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7588
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11492
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:12248
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3008
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4696
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8488
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:15908
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6652
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10976
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14872
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:17652
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3504
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6776
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10312
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13908
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6024
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10544
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4104
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9072
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:16072
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:628
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:2040
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:7740
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:14836
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9580
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5880
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9696
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16096
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:18496
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3728
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6176
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10296
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13696
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5252
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9136
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16088
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:8204
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14560
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:21200
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:2788
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4240
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7440
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11576
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16404
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5904
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9996
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:21360
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3900
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6980
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9296
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:10592
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:20868
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5732
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11148
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:8468
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:15924
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:13472
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1540
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:800
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2928
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:1984
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:3476
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:5612
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:8428
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:16000
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:9648
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:10992
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:6928
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11000
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:15296
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:13964
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8916
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:16120
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5052
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9520
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:14680
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9372
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7544
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13000
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13920
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:848
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:6236
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9964
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:20848
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5324
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:10168
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:20836
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:8196
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:12024
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13440
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3572
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5444
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9888
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:16032
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9704
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:15968
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4800
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9632
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14664
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13416
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7596
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11548
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:13784
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1504
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:2136
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3808
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:6284
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9940
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:16244
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5308
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:21452
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7716
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10120
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4636
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3628
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5332
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9688
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:15976
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:18724
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4860
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10304
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:19612
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7432
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11200
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11560
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:16348
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:2812
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4216
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:8000
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11168
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:20968
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5948
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9680
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:16024
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3768
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6344
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:10176
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:19536
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5264
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:10152
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:19604
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:8024
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11404
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:10608
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:20888
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:836
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:400
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3156
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4716
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9620
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:14720
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:21948
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7580
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11480
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16148
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3760
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7872
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14580
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13928
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5952
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9876
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11916
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:2108
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5012
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9112
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14820
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7688
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6912
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:10552
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:20180
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3700
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7324
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11532
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:16480
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:6008
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9176
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:16016
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:1384
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3076
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5104
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9056
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14420
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13176
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7636
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11844
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:932
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3432
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7416
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11608
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6072
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5908
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9264
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:14708
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:13428
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:1080
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:4920
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9152
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14524
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:21964
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:6860
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9800
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:10136
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:19584
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:3820
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:7356
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11516
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:16428
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:6044
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:9144
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:16456
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2604
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:3036
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2476
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:776
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:2760
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:4044
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:7304
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:11592
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:16396
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:22372
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8456
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:15312
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:21940
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3752
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:6208
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9972
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11940
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5280
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:10160
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:20172
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:8376
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14612
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10276
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:2636
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4204
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:7532
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        8⤵
        
        PID:16128
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11584
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:16380
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6076
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9988
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:21352
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3736
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6332
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9956
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:15960
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5288
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:8900
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16064
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7912
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14552
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5424
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1812
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:2920
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:3172
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:6280
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:14544
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:11976
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5776
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9168
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14640
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:12644
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3676
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:5452
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:10004
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:21476
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5168
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:8908
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16080
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7976
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11888
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:10576
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:20860
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:2880
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4672
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9160
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14632
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9544
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6828
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9908
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11656
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:13868
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3824
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6400
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9656
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14728
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9336
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5300
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9508
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:10528
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:844
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2484
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:1852
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4980
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:8836
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:14736
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:13276
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7084
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14516
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6272
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3096
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7700
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13008
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11328
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5956
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:8820
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14696
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:21956
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:2864
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4552
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:8884
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16472
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6556
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:10984
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14844
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11788
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3932
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7680
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11820
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11904
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5856
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9980
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11276
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:2148
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3164
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4532
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9752
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16272
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7536
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11852
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7228
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3640
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7248
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11600
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:16672
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5428
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9064
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:16048
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:2280
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:4928
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9760
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7628
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:6880
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11568
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:16464
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:3460
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:7844
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11192
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:13880
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:10600
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5008
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:5916
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:10012
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:11336
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:1716
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1420
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1532
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:3116
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:4772
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9848
        
        C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        7⤵
        
        PID:9308
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:7660
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11500
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16104
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:1796
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:6564
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9740
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:16256
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5964
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:8852
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14672
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:13348
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:2144
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4784
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9640
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14604
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:13732
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7052
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14468
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7236
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3544
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7836
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14500
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:6424
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5976
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:8828
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:16008
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:8876
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:14852
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11136
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:1328
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3140
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4108
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9604
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14620
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:12620
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7552
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14568
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:12848
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3764
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7256
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:10568
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9596
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5992
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9912
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4908
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9256
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:15952
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:1904
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:4760
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9096
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14436
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9376
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:6768
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:10968
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:14776
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:12976
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:3744
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:7692
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11524
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:13144
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:5396
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:9128
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:15992
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1508
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:1548
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:3084
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:4212
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:9088
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:14452
      - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        6⤵
        
        PID:11188
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7620
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:11120
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:20876
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:2876
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:7864
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14784
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:5092
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5888
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9492
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:16448
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:2020
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:4628
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:8508
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:14864
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:13452
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:6804
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11616
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:16372
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:3368
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:6148
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11828
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:13080
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:5892
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:9272
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:14744
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:21460
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2332
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:3108
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:5080
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:9840
    - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
        5⤵
        
        PID:21376
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:7896
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:14588
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11876
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:3724
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:7240
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:14508
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:21180
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:5180
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:9344
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:16056
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:21996
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  PID:1728
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:4732
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:9328
  - - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
      4⤵
      PID:11984
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:6820
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:10144
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:19592
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  PID:3124
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:7160
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:14388
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:2252
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  PID:5924
- - C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
    3⤵
    PID:22192
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  PID:8892
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  PID:14768
- C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\4819fbb18a971f4664a4e7cab074ca40_NeikiAnalytics.exe"
  2⤵
  PID:14372

Network

DNS

25.209.241.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.209.241.213.in-addr.arpa

IN PTR

Response
DNS

40.44.147.27.in-addr.arpa

Remote address:

8.8.8.8:53

Request

40.44.147.27.in-addr.arpa

IN PTR

Response
DNS

47.225.185.28.in-addr.arpa

Remote address:

8.8.8.8:53

Request

47.225.185.28.in-addr.arpa

IN PTR

Response
DNS

183.32.73.146.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.32.73.146.in-addr.arpa

IN PTR

Response
DNS

192.128.59.87.in-addr.arpa

Remote address:

8.8.8.8:53

Request

192.128.59.87.in-addr.arpa

IN PTR

Response

192.128.59.87.in-addr.arpa

IN PTR

87-59-128-192-dynamicdkcustomertdcnet
DNS

68.103.161.113.in-addr.arpa

Remote address:

8.8.8.8:53

Request

68.103.161.113.in-addr.arpa

IN PTR

Response

68.103.161.113.in-addr.arpa

IN PTR

staticvnptvn
DNS

73.172.174.138.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.172.174.138.in-addr.arpa

IN PTR

Response
DNS

247.44.14.116.in-addr.arpa

Remote address:

8.8.8.8:53

Request

247.44.14.116.in-addr.arpa

IN PTR

Response

247.44.14.116.in-addr.arpa

IN PTR

bb116-14-44-247singnetcomsg
DNS

102.190.160.106.in-addr.arpa

Remote address:

8.8.8.8:53

Request

102.190.160.106.in-addr.arpa

IN PTR

Response

102.190.160.106.in-addr.arpa

IN PTR

KD106160190102ppp-bbdionnejp
DNS

45.65.72.173.in-addr.arpa

Remote address:

8.8.8.8:53

Request

45.65.72.173.in-addr.arpa

IN PTR

Response

45.65.72.173.in-addr.arpa

IN PTR

pool-173-72-65-45cmdnnjfiosverizonnet
DNS

78.176.156.117.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.176.156.117.in-addr.arpa

IN PTR

Response
DNS

107.117.79.228.in-addr.arpa

Remote address:

8.8.8.8:53

Request

107.117.79.228.in-addr.arpa

IN PTR

Response

No results found

8.8.8.8:53

25.209.241.213.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

25.209.241.213.in-addr.arpa
8.8.8.8:53

40.44.147.27.in-addr.arpa

dns

71 B
128 B
1
1

DNS Request

40.44.147.27.in-addr.arpa
8.8.8.8:53

47.225.185.28.in-addr.arpa

dns

72 B
140 B
1
1

DNS Request

47.225.185.28.in-addr.arpa
8.8.8.8:53

183.32.73.146.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

183.32.73.146.in-addr.arpa
8.8.8.8:53

192.128.59.87.in-addr.arpa

dns

72 B
127 B
1
1

DNS Request

192.128.59.87.in-addr.arpa
8.8.8.8:53

68.103.161.113.in-addr.arpa

dns

73 B
101 B
1
1

DNS Request

68.103.161.113.in-addr.arpa
8.8.8.8:53

73.172.174.138.in-addr.arpa

dns

73 B
127 B
1
1

DNS Request

73.172.174.138.in-addr.arpa
8.8.8.8:53

247.44.14.116.in-addr.arpa

dns

72 B
116 B
1
1

DNS Request

247.44.14.116.in-addr.arpa
8.8.8.8:53

102.190.160.106.in-addr.arpa

dns

74 B
120 B
1
1

DNS Request

102.190.160.106.in-addr.arpa
8.8.8.8:53

45.65.72.173.in-addr.arpa

dns

71 B
126 B
1
1

DNS Request

45.65.72.173.in-addr.arpa
8.8.8.8:53

78.176.156.117.in-addr.arpa

dns

73 B
122 B
1
1

DNS Request

78.176.156.117.in-addr.arpa
8.8.8.8:53

107.117.79.228.in-addr.arpa

dns

73 B
130 B
1
1

DNS Request

107.117.79.228.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\swedish action blowjob [free] shoes (Sandy).zip.exe

Filesize
1.5MB

MD5
f5004c350deb741de49444dc8f64b846

SHA1
2ec7a27efc82d7d816ae9e579022ca84900f43e8

SHA256
5f981ed392ee53a3bb6d15f387210bc388b61b095282d77aada26718b1c0758e

SHA512
1275b82105a710fc13ec0c9ce1b39e1d0a89920a5acfc7783f1bbe9933dc83e699dec23a8f915818f93a2e855f6023d40eb73bad642e0393e7834a956b7d0be2

Download Submit
C:\debug.txt

Filesize
183B

MD5
a5573a052901e32d9fb3fd2223f030f0

SHA1
f7319b5202b52453a125280cf292a408a645c66e

SHA256
d35c9363b5968bf3416e25b94d80d9bd30bc177475ce1c2cb5101990586027fe

SHA512
397f0e279870fd319f1f168ea22f6c52d36252888f935b5434bbfbff6313d42bf58cda812038b3199910f3248638ee691f768c13e0726301682f104ee16c9539

Download Submit
memory/400-152-0x0000000004E00000-0x0000000004E2B000-memory.dmp

Filesize
172KB

Download
memory/584-105-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/628-107-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/652-118-0x0000000005060000-0x000000000508B000-memory.dmp

Filesize
172KB

Download
memory/652-95-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/652-101-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/652-168-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/664-167-0x0000000004F60000-0x0000000004F8B000-memory.dmp

Filesize
172KB

Download
memory/664-123-0x0000000004E20000-0x0000000004E4B000-memory.dmp

Filesize
172KB

Download
memory/776-130-0x0000000004F70000-0x0000000004F9B000-memory.dmp

Filesize
172KB

Download
memory/776-104-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/800-122-0x00000000045E0000-0x000000000460B000-memory.dmp

Filesize
172KB

Download
memory/800-171-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/836-116-0x0000000005080000-0x00000000050AB000-memory.dmp

Filesize
172KB

Download
memory/836-145-0x0000000005080000-0x00000000050AB000-memory.dmp

Filesize
172KB

Download
memory/836-177-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/844-98-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/844-174-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/848-125-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1328-151-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/1384-147-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/1420-140-0x0000000004F60000-0x0000000004F8B000-memory.dmp

Filesize
172KB

Download
memory/1420-111-0x0000000004E20000-0x0000000004E4B000-memory.dmp

Filesize
172KB

Download
memory/1420-175-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1504-106-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1504-127-0x00000000045B0000-0x00000000045DB000-memory.dmp

Filesize
172KB

Download
memory/1508-138-0x0000000004F20000-0x0000000004F4B000-memory.dmp

Filesize
172KB

Download
memory/1508-99-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1508-112-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/1508-178-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1532-150-0x0000000001D80000-0x0000000001DAB000-memory.dmp

Filesize
172KB

Download
memory/1540-165-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1540-94-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1540-134-0x0000000005080000-0x00000000050AB000-memory.dmp

Filesize
172KB

Download
memory/1548-148-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/1548-115-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1568-124-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1716-141-0x0000000004560000-0x000000000458B000-memory.dmp

Filesize
172KB

Download
memory/1716-166-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1800-126-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1812-108-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1812-173-0x0000000005070000-0x000000000509B000-memory.dmp

Filesize
172KB

Download
memory/1812-131-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/1852-146-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1984-121-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2136-128-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2136-181-0x0000000005090000-0x00000000050BB000-memory.dmp

Filesize
172KB

Download
memory/2148-153-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/2148-114-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2156-162-0x0000000004D00000-0x0000000004D2B000-memory.dmp

Filesize
172KB

Download
memory/2156-119-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2188-155-0x0000000005130000-0x000000000515B000-memory.dmp

Filesize
172KB

Download
memory/2188-0-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2188-159-0x0000000005130000-0x000000000515B000-memory.dmp

Filesize
172KB

Download
memory/2188-63-0x0000000005130000-0x000000000515B000-memory.dmp

Filesize
172KB

Download
memory/2188-139-0x0000000005130000-0x000000000515B000-memory.dmp

Filesize
172KB

Download
memory/2188-154-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2208-158-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2208-161-0x0000000004590000-0x00000000045BB000-memory.dmp

Filesize
172KB

Download
memory/2208-91-0x0000000004590000-0x00000000045BB000-memory.dmp

Filesize
172KB

Download
memory/2208-89-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2208-136-0x0000000004E50000-0x0000000004E7B000-memory.dmp

Filesize
172KB

Download
memory/2260-102-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2260-179-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2260-117-0x0000000004590000-0x00000000045BB000-memory.dmp

Filesize
172KB

Download
memory/2332-149-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/2332-113-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2476-176-0x0000000004F60000-0x0000000004F8B000-memory.dmp

Filesize
172KB

Download
memory/2476-133-0x0000000004F60000-0x0000000004F8B000-memory.dmp

Filesize
172KB

Download
memory/2476-169-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2476-96-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2484-109-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2484-144-0x0000000002000000-0x000000000202B000-memory.dmp

Filesize
172KB

Download
memory/2604-90-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2604-142-0x0000000004D00000-0x0000000004D2B000-memory.dmp

Filesize
172KB

Download
memory/2604-110-0x0000000004CF0000-0x0000000004D1B000-memory.dmp

Filesize
172KB

Download
memory/2604-160-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2604-92-0x0000000004CE0000-0x0000000004D0B000-memory.dmp

Filesize
172KB

Download
memory/2616-172-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2616-97-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2616-137-0x0000000004F20000-0x0000000004F4B000-memory.dmp

Filesize
172KB

Download
memory/2656-64-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2656-88-0x0000000005020000-0x000000000504B000-memory.dmp

Filesize
172KB

Download
memory/2656-143-0x0000000005030000-0x000000000505B000-memory.dmp

Filesize
172KB

Download
memory/2656-157-0x0000000005020000-0x000000000504B000-memory.dmp

Filesize
172KB

Download
memory/2656-156-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2760-135-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2920-132-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2928-103-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2928-180-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2928-120-0x0000000004CE0000-0x0000000004D0B000-memory.dmp

Filesize
172KB

Download
memory/3024-164-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3024-129-0x0000000005080000-0x00000000050AB000-memory.dmp

Filesize
172KB

Download
memory/3024-170-0x0000000005080000-0x00000000050AB000-memory.dmp

Filesize
172KB

Download
memory/3036-93-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3420-163-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

DNS Request

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.