35c2e84c91a6974d835a3dbfa39a5877b0e5773e6e0893e40e0ec186a039cf9e

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 12:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
Size

268KB
MD5

defacf11530734af4ada2da80b72cf00
SHA1

77640974728e7500c6c4f4fab8481f38aa7cbb40
SHA256

35c2e84c91a6974d835a3dbfa39a5877b0e5773e6e0893e40e0ec186a039cf9e
SHA512

fe190fbf491b5dbe1ec9d8a55eb116f0a19bdbd5a3dab44dd82579b40575e7dc0aefc939d40a86603fab72735056b33345cc6184e6f19a2c7e3cafa39437da84
SSDEEP

6144:RqlIyFESWu0SWuGS4nNcbLnKjz47fiD+NZXoxSFM:tyKn+bLKjTDgZXon

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2842) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-environment-l1-1-0.dll.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\es-ES\bckgRes.dll.mui.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\desktop.ini.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\en-US\bckgzm.exe.mui.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\Logo.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-heapwalker.xml.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\server\classes.jsa.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadce.dll.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-output2_ja.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Accra.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page.wmv.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxmedia.dll.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository_1.1.300.v20131211-1531.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-applemenu_zh_CN.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_zh_CN.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\EST5EDT.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG_PAL.wmv.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\Chess.dll.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\notes-static.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\UIAutomationProvider.resources.dll.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad.xml.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\images\bing.ico.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Gaza.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\ssv.dll.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Petersburg.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+2.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tijuana.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcor.dll.mui.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_ja.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Godthab.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javafxpackager.exe.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar.tmp	defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\defacf11530734af4ada2da80b72cf00_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
269KB

MD5
02be07bf3d62b49e360c6deef24a0a72

SHA1
ecf069459a29fd742b11ef4a236b373a8bbdb511

SHA256
707f7620293e9c832cd41c357b8934fb242e8576fc121f6554871e7e553acb02

SHA512
44794badaf987e99940411cf10a56b747882dd4ee2bcd9c1385b4add565efa7af7feef661efd99cee8b30f7e0afb47f69f65c49e832eba92ca886c2b234ce4f9

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
278KB

MD5
8614ef2e96dbe8d142ced0861a8805e7

SHA1
619e94763a198f78c394397931a4525590b70817

SHA256
845ff011e8f3117e1eb4d4cd150f0b72e329422a8da1ba9fc57d42ff3dc9737f

SHA512
86b04f2576ce6e24686a26ecc30d10b75d0b3a94dc75a4c55132d18c1f556d14bc3f49ee201168ff6e2fd16a6cda1fe82856c9b30c4a2d162c972d97be5b4bba

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads