9fc19089cc17f1071db0eeeb72b744d12804776ac5e00155f9fd9b10657b3b3d

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11/05/2024, 02:08

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
Size

151KB
MD5

55aaceb53207d8bc756994c5ada99c80
SHA1

599f3bd9c7818feb0d229866ebc3de2dff3e4ff6
SHA256

9fc19089cc17f1071db0eeeb72b744d12804776ac5e00155f9fd9b10657b3b3d
SHA512

1f5fb1f538870bc331d16b4edccdf5f86e46e302caa4dd034fe5326a1f73c871c1fe5c9ffd4925dcb878eeead3832462c30642aee6e47a290fa2751684aa6c7c
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZz7Tib+1FR4eCLOhj0Yiexj/:RqKvb0CYJ973e+eKZz7TiGFRkC0U

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3318) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\awt.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\de-DE\DVDMaker.exe.mui.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ps.txt.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\alt-rt.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\status.xml.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\youtube.luac.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdaremr.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\plugins.dat.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\LICENSE.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadrh15.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Taipei.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\offset.ax.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fil.pak.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Tirane.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\MET.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Jakarta.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libamem_plugin.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.common_5.5.0.165303.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Madrid.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\keytool.exe.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Web.Entity.Resources.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\PassportMask.wmv.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\conticon.gif.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Nipigon.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\status.json.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-compat.xml.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\Folder-48.png.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libhttps_plugin.dll.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar.tmp	55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\55aaceb53207d8bc756994c5ada99c80_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2524

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3452737119-3959686427-228443150-1000\desktop.ini.tmp

Filesize
151KB

MD5
720704e04343644bdd43ae04bafbd558

SHA1
c07423e5567b80e26adda300bbdc477ae436d800

SHA256
22813b61cfffb3041434ef52ad43ca5c1078caf55192e1666a3bd5e4ab75433d

SHA512
973d5fd710e19329dbe416d6110f6cc99630fc21c07101fa2f637033cfd05e4cf8103694a08d66420833c8afd346af17ea5664eec3fc3873e320da0ec3221309

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
160KB

MD5
3db183c994bbd6d22934702df54f3692

SHA1
6ce75949948e1682661de680c1431777223db35c

SHA256
d6e77cf06a72a9bc788ea6cc2bd337dce51136c2e7a982de68df018ffddf9793

SHA512
67a9309fdc0f1c4aca213b3867f2235ba666bf80c9fb35ceb5455595e37b255529038c2ef4410e81f487b2bf464aec423361bc8e055a38bf1cba22ac016c96bd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads