3ed2baf0aba57bd027c0bac47dd3a8fadde5466efe10fccc36f70f5dea43a91e

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 03:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
Size

110KB
MD5

57c0da15f2abc557588f3a4cc3bf4620
SHA1

9c38de1429fcac5dce2a9b099add8082aa697095
SHA256

3ed2baf0aba57bd027c0bac47dd3a8fadde5466efe10fccc36f70f5dea43a91e
SHA512

7575054c02f1b6a6f24449d7688c497ec9397799252e67a0ab82c9d48d050ff94d93c0e2586622b2b42a3dbe37581142d1c8381cc719a4579c180b6df76e3f50
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVz8:RqlIyFESWu0SWuGSo

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3447) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\fonts\TwemojiMozilla.ttf.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\Microsoft.Build.Engine.resources.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\locale.ini.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_zh_CN.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\CET.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\en-US\chkrzm.exe.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\wmpnscfg.exe.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\license.html.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Palau.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaprsr.dll.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\203x8subpicture.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\ipcclientcerts.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_ja_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jsdt.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\sunec.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\js\calendar.js.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoBeta.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_ja_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\corner.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\es-ES\ShvlRes.dll.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\java.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\zip.dll.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\connectionmanager_dmr.xml.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\es-ES\PhotoAcq.dll.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_ButtonGraphic.png.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_zh_4.4.0.v20140623020002.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-dialogs.xml.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management\jmxremote.access.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\platform.ini.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msaddsr.dll.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert_5.5.0.165303.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-heapwalker.jar.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\vlc.exe.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\zh-changjei.xml.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqlxmlx.rll.mui.tmp	57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\57c0da15f2abc557588f3a4cc3bf4620_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:756

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
110KB

MD5
dc9f92ef2e47b50111c08ac3b38667e7

SHA1
1dcb927740f94cd1280f5f60fe8bef8a75fb9810

SHA256
1f02ff536363d709e4fbd9a8ea9af43c872de3559db9495b6aa3580868157753

SHA512
f1a8f6ed88d36a28d46522b2ebc7cf08ac2e0a60e621b6ac906c8f9117858a993a5cd8fd3f9e218946b8000f18f1d5a33b020a3358646cb61c0571ba992984dd

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
119KB

MD5
6577474c7a62d106a08642dc9c1b3fc1

SHA1
8bec694a6727a8dacae01445c269e6667a019d61

SHA256
dde3b1a388815810a0801d11820cd26d482deb781f6793a5cde1644d97e5da7c

SHA512
2cd0e72523cee55b4b856e25a4f0299b1c3db7494e505b8d5f2d5f5be1883a28d95e0989d13d9eccde3e11ec0f746255ccf03504101260d853af08ac1450adce

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads