458f903ab2eedaa15a05a9fb7871d6b3fdcd4a6b9577206afc6c64fbb7d9afbc

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
10/05/2024, 19:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
Size

137KB
MD5

60ed030f25fe2407d43de75087e47ab0
SHA1

21df975f848dbd26b42c3d39d2488e3edfe8a805
SHA256

458f903ab2eedaa15a05a9fb7871d6b3fdcd4a6b9577206afc6c64fbb7d9afbc
SHA512

4d775f4aee117a5cfe52211a1c0da06caffa62abff6a5f050865b82550e8ec8b28e2859fa17d1b409a4e73a5ccf072bcb39913fba0018c8e7f7019f24d3963b1
SSDEEP

1536:/7ZQpApUsKiXBvzwvzXJvlwJvltbDUYU/:9QWpngTJdwJdtbDUYU/

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3441) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\CET.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\VideoLAN Website.url.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pt.txt.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management\snmp.acl.template.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.Printing.resources.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipRes.dll.mui.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\ext\sunec.jar.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Windows.Presentation.resources.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\am_ET\LC_MESSAGES\vlc.mo.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Catamarca.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-tabcontrol.xml.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jawt.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\en-US\chkrzm.exe.mui.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.DLL.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\oledb32r.dll.mui.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Currie.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Sofia.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\java.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\vlm.html.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jce.jar.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\de-DE\PurblePlace.exe.mui.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_SelectionSubpicture.png.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\notification_helper.exe.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Srednekolymsk.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\installation_telemetry.json.tmp	60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\60ed030f25fe2407d43de75087e47ab0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
137KB

MD5
6481f0a4ce3f4b96b972581e268edb59

SHA1
81ad002e2467a7b5885fb25719a2ca8252315604

SHA256
cc6c610ae9b8a9e3fcb69775ee51259b03bf9284a908839c6df4ec2b38305940

SHA512
e7d92082f40950f0f4d58e211182e5e00f20e12a8984e8d7709f41e7a099e9aa4f99060a4822fe7a99fb88eeb472bb7250243d3e568284e38e60ff717a90ac0f

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
146KB

MD5
1c9b52d4b0ad63b9a02a16746ed9b0f9

SHA1
231d69043138a22baa885f1233ccaf6b5932d9b6

SHA256
c4a24356a962f3463efdd4788c58428ee57b13fe6b2d4421228ffa79aa9c6c2d

SHA512
6a1a3f7d977ee57e9f66f6d548aa028b5eb340b2571045936878ef9206144c6c5fda697ba2a3e57c77520337dbf0f4de1879a64d80b118d3f2968660a5589563

Download Submit
memory/1700-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/1700-484-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads