d5cc63ee41aed2c548abf411e911505142767ed6964d246ac382f8b431cb3167

Analysis

max time kernel
21s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 06:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
Size

1.6MB
MD5

939a9412f9cfd7fb148d563b3e4f9c60
SHA1

4f957f39f847e0d6cc13a9471051b14a458da747
SHA256

d5cc63ee41aed2c548abf411e911505142767ed6964d246ac382f8b431cb3167
SHA512

a7e4a0ada107d6729add0596b0a26dca7dc7107ce462447d0263dc4d8e5bea746967f3f3fe81e5c2a4b373a71f97c5c80ea280c611e2dbc7ec28f2be99babdaf
SSDEEP

24576:V80b8n58SRhNES5vR04fbYgMY7xaYMHnwMJQDJuw9DbFNncmIAZRd0m/:CrzLNNJEhOMHnwt79LncmbZv0m/

Score

7^/10

persistence spyware stealer upx

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/2116-0-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/files/0x0007000000016d45-5.dat	upx
behavioral1/memory/1200-89-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2116-90-0x00000000047E0000-0x00000000047FE000-memory.dmp	upx
behavioral1/memory/1200-91-0x0000000004F10000-0x0000000004F2E000-memory.dmp	upx
behavioral1/memory/1032-93-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1048-94-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1984-96-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2116-95-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1448-97-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2620-98-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2180-101-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1200-100-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/352-102-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2744-103-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2828-105-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2228-106-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1668-111-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1984-110-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/800-109-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1048-108-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1032-107-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2116-113-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1448-114-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3068-116-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2180-115-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/828-120-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1172-119-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1880-121-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/592-118-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/352-117-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2228-123-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2088-127-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/800-124-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1668-125-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/448-122-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3068-128-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1744-130-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2344-132-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/828-131-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1880-133-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/448-135-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3020-136-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/848-137-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/996-138-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/720-139-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1792-140-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1676-143-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1596-142-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/296-141-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/556-145-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2844-159-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2796-158-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3056-157-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3060-155-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2380-154-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1596-152-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1952-151-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2148-146-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2796-150-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3056-149-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3020-148-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2384-144-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/3048-160-0x0000000000400000-0x000000000041E000-memory.dmp	upx

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\X:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\B:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\E:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\L:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\M:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\S:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\T:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\H:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\J:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\N:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\O:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\V:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\I:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\K:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\R:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\U:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\W:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\A:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\G:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File opened (read-only)	\??\P:	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\Temp\trambling voyeur black hairunshaved (Britney,Jade).rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\lingerie several models bedroom .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\indian beastiality hardcore full movie .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\horse lesbian mature (Sonja,Melissa).zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\brasilian animal fucking [bangbus] sm .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\fucking licking shoes (Kathrin,Sarah).avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\tyrkish cumshot horse masturbation glans .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\canadian trambling masturbation hotel .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\trambling catfight .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\japanese cum hardcore full movie (Melissa).rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Google\Temp\fucking full movie .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\american action trambling hot (!) castration .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\american nude bukkake big hairy .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\russian beastiality hardcore big cock .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\lesbian public .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\brasilian gang bang xxx hidden penetration (Kathrin,Karin).zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\danish porn lingerie full movie (Janette).avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\brasilian nude blowjob [milf] (Samantha).rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\swedish kicking blowjob lesbian balls .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\brasilian action fucking [free] balls .avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\lesbian uncut shoes .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\tyrkish cum horse full movie titts .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\black gang bang hardcore hidden YEâPSè& .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\horse girls (Tatjana).zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\danish handjob horse [free] mistress (Britney,Samantha).mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\beast hot (!) castration .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\bukkake girls glans high heels .avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_8bfc34b93f0fdd42\malaysia fucking public upskirt .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\bukkake uncut stockings .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_1412267f4b3bb985\beastiality lingerie hidden (Jade).avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_39374e2435a71b47\asian lesbian girls glans sm .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_3863e9ef3f804dd9\french beast [free] hole femdom .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\russian cum horse several models .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared_31bf3856ad364e35_6.1.7600.16385_none_6377027f0030a06a\horse bukkake [bangbus] bondage .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\japanese gang bang lesbian sleeping .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\italian fetish bukkake uncut .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\german horse voyeur glans .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_0ac4ebfc358e5ec0\blowjob uncut .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_965db382b6fef5cb\porn gay public (Melissa).zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_dba3691c6002e10e\african lingerie sleeping .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_c26c5b8280c6af34\tyrkish animal gay lesbian cock pregnant (Janette).mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\wow64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_6b16fa9f975e1109\tyrkish action beast voyeur .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_05ea1d9b8e2bf020\nude horse big ìï .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\brasilian gang bang trambling big .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp\danish nude bukkake girls hole .avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_6208b91f46896156\spanish lingerie uncut .avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_39c9d74ef2ad6c7b\handjob hardcore [free] (Janette).mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\wow64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_79642285ffd2a388\trambling [bangbus] lady .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_7bfdfb15e7184c41\african beast public feet .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\security\templates\beast several models granny .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_97a45841ff925aa0\fucking licking hole bondage .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\british xxx licking hotel .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_387a16fe7addf3b6\french trambling catfight leather .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\sperm licking titts beautyfull (Curtney).mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\japanese animal blowjob hot (!) blondie (Christine,Janette).avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_f25d066604c2ad34\indian nude blowjob public feet pregnant (Jade).mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_es-es_8bc7919d3f36cee7\sperm licking balls (Kathrin,Janette).mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_ddab3bcb3a4ffb45\italian action blowjob [bangbus] (Karin).mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\xxx sleeping .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\swedish animal hardcore [milf] stockings .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_es-es_5d6ada54ed6d35a2\canadian bukkake hot (!) hairy .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_6f0f7833cb71e18d\tyrkish animal bukkake hidden glans (Sonja,Samantha).mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\horse beast sleeping cock mistress .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_it-it_8d9f242de8497d58\african bukkake licking hole (Kathrin,Tatjana).mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\italian handjob sperm big leather .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ad7c61fb28607522\french horse big titts .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_it-it_ea4a469ab7713182\japanese cum sperm licking .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p..al-securitytemplate_31bf3856ad364e35_6.1.7600.16385_none_49dd84a06c7c8863\tyrkish fetish xxx full movie titts femdom .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm_31bf3856ad364e35_6.1.7600.16385_none_5499606faffb3f9f\bukkake hidden cock fishy .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\lingerie hot (!) leather (Anniston,Jade).rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_bacc7ceffc55dca2\malaysia blowjob girls glans .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_664dbffec8693dfe\chinese fucking big feet (Britney,Liz).avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\swedish handjob trambling masturbation titts .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\swedish handjob beast catfight .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\Downloaded Program Files\sperm several models titts .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_cd2006602e5ee22e\asian blowjob voyeur hotel (Britney,Samantha).rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_f3c374fc18118ca2\malaysia gay hidden hairy .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_dd18b2a07d49aa11\french bukkake [milf] feet (Ashley,Melissa).rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_00225053e03f4c04\swedish horse sperm voyeur hole .mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e30b5ec05031d17d\cumshot xxx uncut .avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-m..-temptable-provider_31bf3856ad364e35_6.1.7600.16385_none_1dd3ce8d1e7524cd\cum beast [free] (Melissa).mpg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_b7f38afb92de484f\fetish blowjob hot (!) feet hotel (Tatjana).mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\italian nude horse public black hairunshaved .avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\african hardcore lesbian leather .rar.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_de-de_5803850b2f40840e\hardcore sleeping fishy .zip.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_60a2cbbf935c42b4\tyrkish action trambling [free] (Sylvia).avi.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\bukkake licking .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\black cum gay licking .mpeg.exe	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1032	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2180	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
592	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
352	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1032	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
800	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1668	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1172	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2228	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2088	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2344	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
3068	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1032	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2180	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
592	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1880	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
800	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
800	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
352	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
352	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1668	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1668	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
720	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
720	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
848	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1792	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
848	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
1792	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
996	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2116 wrote to memory of 2620	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	28
PID 2116 wrote to memory of 2620	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	28
PID 2116 wrote to memory of 2620	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	28
PID 2116 wrote to memory of 2620	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	28
PID 2620 wrote to memory of 1200	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	29
PID 2620 wrote to memory of 1200	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	29
PID 2620 wrote to memory of 1200	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	29
PID 2620 wrote to memory of 1200	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	29
PID 2116 wrote to memory of 2744	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	30
PID 2116 wrote to memory of 2744	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	30
PID 2116 wrote to memory of 2744	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	30
PID 2116 wrote to memory of 2744	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	30
PID 1200 wrote to memory of 2828	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	31
PID 1200 wrote to memory of 2828	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	31
PID 1200 wrote to memory of 2828	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	31
PID 1200 wrote to memory of 2828	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	31
PID 2620 wrote to memory of 1032	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	32
PID 2620 wrote to memory of 1032	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	32
PID 2620 wrote to memory of 1032	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	32
PID 2620 wrote to memory of 1032	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	32
PID 2744 wrote to memory of 1048	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	33
PID 2744 wrote to memory of 1048	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	33
PID 2744 wrote to memory of 1048	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	33
PID 2744 wrote to memory of 1048	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	33
PID 2116 wrote to memory of 1984	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	34
PID 2116 wrote to memory of 1984	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	34
PID 2116 wrote to memory of 1984	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	34
PID 2116 wrote to memory of 1984	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	34
PID 2828 wrote to memory of 1448	2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	35
PID 2828 wrote to memory of 1448	2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	35
PID 2828 wrote to memory of 1448	2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	35
PID 2828 wrote to memory of 1448	2828	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	35
PID 1048 wrote to memory of 2180	1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	36
PID 1048 wrote to memory of 2180	1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	36
PID 1048 wrote to memory of 2180	1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	36
PID 1048 wrote to memory of 2180	1048	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	36
PID 1032 wrote to memory of 352	1032	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	37
PID 1032 wrote to memory of 352	1032	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	37
PID 1032 wrote to memory of 352	1032	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	37
PID 1032 wrote to memory of 352	1032	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	37
PID 1200 wrote to memory of 592	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	38
PID 1200 wrote to memory of 592	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	38
PID 1200 wrote to memory of 592	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	38
PID 1200 wrote to memory of 592	1200	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	38
PID 2620 wrote to memory of 1172	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	39
PID 2620 wrote to memory of 1172	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	39
PID 2620 wrote to memory of 1172	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	39
PID 2620 wrote to memory of 1172	2620	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	39
PID 2744 wrote to memory of 800	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	40
PID 2744 wrote to memory of 800	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	40
PID 2744 wrote to memory of 800	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	40
PID 2744 wrote to memory of 800	2744	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	40
PID 1984 wrote to memory of 2228	1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	41
PID 1984 wrote to memory of 2228	1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	41
PID 1984 wrote to memory of 2228	1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	41
PID 1984 wrote to memory of 2228	1984	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	41
PID 2116 wrote to memory of 1668	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	42
PID 2116 wrote to memory of 1668	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	42
PID 2116 wrote to memory of 1668	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	42
PID 2116 wrote to memory of 1668	2116	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	42
PID 1448 wrote to memory of 2088	1448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	43
PID 1448 wrote to memory of 2088	1448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	43
PID 1448 wrote to memory of 2088	1448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	43
PID 1448 wrote to memory of 2088	1448	939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2116
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2620
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1200
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2828
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:1448
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2088
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3020
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        9⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        9⤵
        
        PID:9428
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        9⤵
        
        PID:11336
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        9⤵
        
        PID:1976
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:4728
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        9⤵
        
        PID:9900
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        9⤵
        
        PID:20932
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:7600
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:11452
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:12080
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3472
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:5752
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:9436
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:11320
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:9660
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:17484
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:7408
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:12684
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:24380
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:1952
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3404
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:5724
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:9152
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:17076
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:24904
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:4736
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:9648
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:17452
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:17908
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:7324
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:12608
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:21708
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:5860
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9476
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:11328
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:21724
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4828
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9924
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20860
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7436
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:14676
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:24420
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2344
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:2380
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3680
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:5544
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:10452
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:20188
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:10892
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:20472
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:7676
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:10208
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:1608
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3632
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:5928
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9748
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20196
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4948
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9916
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20908
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7608
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:16316
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22740
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:2568
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4484
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8792
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:17160
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:13888
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7088
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11528
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:21700
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3948
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:6416
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9176
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17140
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:24880
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:5276
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12424
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3268
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7916
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10492
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17252
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:21716
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:10952
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20312
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:592
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:3068
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3056
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3848
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:6300
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:10564
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:20360
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:5156
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:12400
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:20820
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:7892
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:10936
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:19264
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3776
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:6148
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:10532
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:16292
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:24104
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4656
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:11396
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:18176
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7720
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10960
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:2956
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:2844
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:2244
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:6872
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:11360
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:22692
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:5600
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8804
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:17200
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:13936
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:8752
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17088
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:24208
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3744
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:5828
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10388
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20156
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4132
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11248
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22140
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7828
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11380
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3232
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:1676
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3076
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4968
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8284
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:12632
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3612
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7644
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17068
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:8776
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3700
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7108
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11552
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22732
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6012
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:10444
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17260
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:24820
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:640
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4856
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9908
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20852
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7424
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:12900
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20868
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4064
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7216
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:13236
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:24800
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6088
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10412
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20244
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:24836
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1032
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:352
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1880
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:2564
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:4536
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:8596
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:17476
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:24812
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:7232
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:12524
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:18284
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3828
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:6276
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:12468
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:17844
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:10504
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:17036
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:24272
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:5148
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:11232
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:21276
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7868
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10284
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:21664
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:2716
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4424
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9224
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:13252
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:17932
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7064
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11512
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20444
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3912
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:6372
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:12408
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20788
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9144
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17112
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:6368
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:5240
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12376
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20836
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7924
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11204
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:23480
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:828
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:2548
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4576
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8264
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:14544
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20252
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7252
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12548
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:24332
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3920
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:6444
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:12440
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:24396
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9460
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:16068
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:5260
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11224
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:24496
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7932
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11296
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:21284
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3060
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3724
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:5596
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9940
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20900
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:5040
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10796
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:2340
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7836
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11256
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:1180
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3640
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:5912
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9168
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17152
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:13708
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4956
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:10428
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20216
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:7636
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:16332
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:22708
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1172
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:556
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3088
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4932
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9948
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20164
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7576
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11304
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20484
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3944
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7188
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12692
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20924
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6124
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11240
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:24428
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:10420
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20172
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3172
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:5000
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10804
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20804
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7668
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17104
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8208
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3396
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7524
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10464
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20276
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11504
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20452
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:5560
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10396
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20236
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:448
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:2484
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4396
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:8840
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:16324
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22716
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7052
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11488
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20420
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3200
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7132
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11436
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17924
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:5608
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:9016
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20204
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:3048
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4116
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7348
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11272
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:23496
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6360
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:9008
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:16308
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:24112
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:3804
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6168
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:12392
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20828
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10812
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:2728
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:4416
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:12384
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:21632
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:8276
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:12652
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:20780
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2744
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1048
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2180
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1744
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:1596
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3520
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:5792
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:9212
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:20368
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:4820
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:10876
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:20876
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:7444
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:14636
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3676
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3556
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:5872
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8144
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:12600
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:3732
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4812
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9628
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20384
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7376
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12664
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20844
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:2796
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:3872
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:6320
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:12368
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        8⤵
        
        PID:17852
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:10512
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:17224
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:5176
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8108
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:9740
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:17440
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:23068
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7900
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10944
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:18148
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3756
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:5852
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9932
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20916
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:156
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10836
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20716
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7684
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11368
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:21692
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:996
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:2196
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8552
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:20268
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7592
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11444
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20304
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3752
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:6652
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:13244
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:1284
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6036
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12460
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:18304
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9772
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17460
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9892
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:1588
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4844
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9000
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17532
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:24264
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7392
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12476
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:18348
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11496
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:22668
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3836
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6760
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:12584
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:18168
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6096
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9348
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20400
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10436
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:17396
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:800
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:848
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:2268
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4444
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:8784
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:17216
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:24872
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7080
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11520
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22660
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3480
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7032
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:11472
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22700
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:5808
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9468
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11312
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:24488
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:2552
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4232
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:8648
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17428
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6764
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9452
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:16212
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17792
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3820
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6208
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:10820
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20772
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:5140
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:12416
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:21656
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:7860
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10248
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20756
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:720
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:2960
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4560
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9204
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20376
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7244
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10316
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22652
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:12564
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:18144
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4068
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6712
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8136
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20352
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:5568
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8160
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:10252
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20736
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:8760
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:17244
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:22764
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:2900
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4180
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8268
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17188
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8800
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6644
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:8168
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20412
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:3812
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6192
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10524
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:17388
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:24792
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:5124
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:11412
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:18376
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:7844
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:10256
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:21424
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:1984
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2228
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:2148
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:3352
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:4452
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:11388
        
        C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        7⤵
        
        PID:6348
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:7568
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:17168
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:13896
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4244
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:8100
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10220
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:13684
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6692
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8176
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20812
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3320
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4568
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10844
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:21292
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7732
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11344
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:18160
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4252
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8124
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11280
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:17956
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6988
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:11428
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20492
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:296
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:2448
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4748
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:9620
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20436
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7336
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10324
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:22684
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:12892
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20796
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4092
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6912
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11420
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:23488
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:5584
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:8768
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:17208
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6384
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:2592
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4604
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9196
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20884
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:7268
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11216
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:22756
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:25480
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:12556
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:18296
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:3880
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6336
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10572
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20292
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:24888
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:5188
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:12432
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:21520
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:7416
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:11480
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:22676
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1668
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1792
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:2600
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:4644
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:10884
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:20464
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7452
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:16248
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9992
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4056
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:6752
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:12448
      - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        6⤵
        
        PID:18444
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:9444
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:16256
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:24200
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:5496
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:8116
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:11288
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:24436
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:8616
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20344
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:2532
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4464
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:7944
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:14652
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20224
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:7072
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:11536
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:3224
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:3904
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:6396
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:9024
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:17416
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:24312
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:5224
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:11404
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:24220
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:8184
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:10288
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:20764
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  PID:2384
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:2864
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:4892
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:10828
    - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
        5⤵
        
        PID:20428
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:7660
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10928
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:20892
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:3652
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:7356
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:12644
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:21684
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:6004
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:12496
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:24404
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:9160
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:17060
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:24912
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  PID:3044
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:4992
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:10404
  - - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
      4⤵
      PID:19332
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:7652
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:16276
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:22748
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  PID:3768
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:6184
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:11544
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:22724
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  PID:6048
- - C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
    3⤵
    PID:24896
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  PID:9732
- C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\939a9412f9cfd7fb148d563b3e4f9c60_NeikiAnalytics.exe"
  2⤵
  PID:17540

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\horse girls (Tatjana).zip.exe

Filesize
1.5MB

MD5
4e23a113143bd7cdc9ae53d45567bbc4

SHA1
e05192a74575212db18e2ece10d779a0151d6bf0

SHA256
d019b5366cddfa273b46e874a45f00fa84958b12b8568c2f29ad3afa4849ad90

SHA512
453fa0d68c0e528a5cf86b137e61d10d13191a8ceb69585c8f9282bfe14489abaf5b56f83a78184324d0cb7acd6db54601d152a3e21af9bf8f5ec81579285d53

Download Submit
C:\debug.txt

Filesize
183B

MD5
cc8cefb65447a6d5306c79aa960ad98c

SHA1
f038ea3b82836f9b77c5d5fb63b6684e3f4c04ba

SHA256
70bfeb3dd3f549ea1b5df03b52549cd307321ef6387fa29e8220418cd7f841b9

SHA512
aaf6ce91cef1797a3cb512685ff5ad900e032aed7529b6e3ab577c5bbc1e8f2eff4d4b3442249f4d498eb0b38e97339bc276d6247d64695bf7ee5f90dc85fb04

Download Submit
memory/296-141-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/352-102-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/352-117-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/352-153-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/448-122-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/448-135-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/556-145-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/592-156-0x0000000004E30000-0x0000000004E4E000-memory.dmp

Filesize
120KB

Download
memory/592-118-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/640-185-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/640-167-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/720-139-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/800-124-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/800-109-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/828-131-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/828-120-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/848-137-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/996-138-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1032-107-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1032-93-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1048-94-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1048-108-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1172-119-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1200-91-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/1200-104-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/1200-89-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1200-100-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1448-114-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1448-126-0x00000000043F0000-0x000000000440E000-memory.dmp

Filesize
120KB

Download
memory/1448-97-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1588-171-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1596-142-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1596-152-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1668-111-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1668-125-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1676-143-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1744-130-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1792-140-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1880-133-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1880-121-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1952-151-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1984-110-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1984-96-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2088-147-0x00000000045C0000-0x00000000045DE000-memory.dmp

Filesize
120KB

Download
memory/2088-127-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2116-95-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2116-411-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2116-251-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2116-90-0x00000000047E0000-0x00000000047FE000-memory.dmp

Filesize
120KB

Download
memory/2116-0-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2116-113-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2116-59-0x00000000047E0000-0x00000000047FE000-memory.dmp

Filesize
120KB

Download
memory/2148-146-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2180-115-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2180-101-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2196-183-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2228-106-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2228-123-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2268-180-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2344-132-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2380-154-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2384-144-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2448-170-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2484-179-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2532-172-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2548-166-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2552-162-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2564-165-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2568-173-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2592-168-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2600-177-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2620-99-0x0000000004580000-0x000000000459E000-memory.dmp

Filesize
120KB

Download
memory/2620-98-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2620-92-0x0000000004E20000-0x0000000004E3E000-memory.dmp

Filesize
120KB

Download
memory/2620-88-0x0000000004580000-0x000000000459E000-memory.dmp

Filesize
120KB

Download
memory/2716-164-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2744-103-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2796-158-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2796-150-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2828-129-0x00000000045D0000-0x00000000045EE000-memory.dmp

Filesize
120KB

Download
memory/2828-105-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2844-159-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2864-186-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2900-163-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2960-161-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2960-178-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3020-136-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3020-148-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3048-160-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3056-149-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3056-157-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3060-155-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3068-128-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3068-116-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3088-169-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3352-174-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3384-181-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3404-182-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/3472-184-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download