f34cfdd559b9e70bb0aad506d24e441a40c0f1be2cbca855c228860765761c1f

Analysis

max time kernel
149s
max time network
125s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11/05/2024, 05:54

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
Size

80KB
MD5

8d60e0da055dbe4cb08afb92a9503220
SHA1

fc1b843c22afd00312a58d2b2f3a6735e77e5b93
SHA256

f34cfdd559b9e70bb0aad506d24e441a40c0f1be2cbca855c228860765761c1f
SHA512

56e2c7609466093b588718dbb4d1c62bf2d9f7bf83934a25124f6f93e157edde98eecd2841b088fda152fbad03a33feb3dbfd81a6ca33b9a0939b9998fdbf133
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/EQg:6e7WpMaxeb0CYJ97lEYNR73e+eKZs

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (513) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresslm.dat.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\203x8subpicture.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoBeta.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\lv.txt.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaremr.dll.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\manifest.json.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_ButtonGraphic.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\it.pak.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\IPSEventLogMsg.dll.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaremr.dll.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_elf.dll.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsoundds.dll.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msadcor.dll.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_photo_Thumbnail.bmp.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\klist.exe.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\title_stripe.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ps.txt.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipRes.dll.mui.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ku-ckb.txt.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nn.txt.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pa-in.txt.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\offset.ax.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7z.dll.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7zG.exe.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\d3dcompiler_47.dll.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\be.txt.tmp	8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\8d60e0da055dbe4cb08afb92a9503220_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
80KB

MD5
4efe62b1f76ba6a2569b0e77c55d79d4

SHA1
4bec0ea1e853ecdf10d0ada05e1abcbca5054e0d

SHA256
0b908baa1fb7f479db7e9bfa5be31f882ca9734e5f4fe90e2cf357f7bce19ea1

SHA512
2cbde9a0878c5fe9c4f706960247288fd2da3e78b4e1ba844df71a3856765ee1b50d3ba4d74c59f0c9a8b67ce25486b1eda3f3198dd7a67cb9bf7a5e49b5b8c6

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
89KB

MD5
178bacdc30880f6267f2e06bde891599

SHA1
fe05e584901c7c769fb864da257b7783ee866867

SHA256
c9eb2b7a33b56025aad58b716afa4a3b44e7d2dcb7f08fe94d64078cef888380

SHA512
6ff511c92a6b1d25a4ab862cf60c9fff82197dd04774c83d102e8c55e538fcfed28afe996537e4a34b30cc78b16b5ac35be759b16c9002acf490d80618762999

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads