c37548f737493131149a281d2d9a3f01c4214298c35765984eab8d70a92c0e6f

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10-05-2024 12:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
Size

78KB
MD5

e7d43bc5702a6a111e4ca3b90e025b70
SHA1

27f84c40192e15920b3eacb42eccc36645b1f893
SHA256

c37548f737493131149a281d2d9a3f01c4214298c35765984eab8d70a92c0e6f
SHA512

2bbbee0e0294cf49855a9ecce0f57727ccc58dfdd953145018751b76d1d64de8b898f1cd84ef0bae7c8fdadd42e05dcbd2c1efbb2cf3d22976ee7041d9450577
SSDEEP

1536:W7ZDpApYbWjnWf05PG0PG26IvxvWyCUyC9RE:6DWpDWYPxPTJe4E

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3432) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libkaraoke_plugin.dll.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\pack200.exe.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\SIGNUP\install.ins.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-3.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-execution.xml.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatialaudio_plugin.dll.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfreeze_plugin.dll.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui_5.5.0.165303.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_zh_CN.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\ja-JP\MpEvMsg.dll.mui.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\mpvis.dll.mui.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCallbacks.h.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\uz\LC_MESSAGES\vlc.mo.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\gadget.xml.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InputPersonalization.exe.mui.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-back-static.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-3.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\en-US\Journal.exe.mui.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_m.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\imap.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadox28.tlb.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\HST10.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\feature.xml.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnssci.dll.mui.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\bg.txt.tmp	e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\e7d43bc5702a6a111e4ca3b90e025b70_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3452737119-3959686427-228443150-1000\desktop.ini.tmp

Filesize
79KB

MD5
cb9eecf653263d25a6f553f29947deae

SHA1
a27ecd48347e3a08337c8d367f1b4938d5e48b8d

SHA256
bb49e5564a05ff2763d8b2ea6928193d51c76881349d684f27b9c8b721fa6d05

SHA512
e1a384b32a54e6b4603d61eb7d79ed71d4736d7ddbdf59ba5159a9b35fd0bd65547c7672d251a016409b5a8721e73e78445bf35bcd8bca4659363132c7fff625

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
87KB

MD5
e7ac3685d49bb8ee70c4e8f4daf4da4c

SHA1
bf8fd167b85c09f6cef6ae72eafdabe1cb6bea24

SHA256
a6541c824b341ac8b0302772d66df7c109b3ebe090a6a0f021f4f815ba601988

SHA512
bf3011a28d144ff39274601e6e287da049220e1e93fc33144531072e777cb6c8741abdbc90c8ce494453f44ee4719b1a71ba1b47ed5751bb7ad72e03f72eb0c5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads