2d8f693338cab189d7a582ba27d0929c1e2c5b2f3af329d294884a142a80ab8f

Analysis

max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
11/05/2024, 07:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
Size

1.5MB
MD5

a3bd5945c1d34fe5aa13f7a67c606e20
SHA1

6edf4001858bff9423c906263b8cd68a6cf82d28
SHA256

2d8f693338cab189d7a582ba27d0929c1e2c5b2f3af329d294884a142a80ab8f
SHA512

3ab234f0fe5553a8fb9eb11316c1989d7d9ebfba487a17b52d33e1e0686c6ff61fa80117c94b310ad3ad07f40d203fa826b698afb6a0848e4768070b19b5ee20
SSDEEP

24576:A84ZePyDC5gQlhk7+DYFQ/ndxepL5r2aQywgqgSQ7+zB0Gl4BuRGzMArYIa:A28CqQrkQPdcB5r2NIqPQQiBgj

Score

7^/10

persistence spyware stealer upx

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1752-0-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/files/0x0007000000014430-5.dat	upx
behavioral1/memory/2844-56-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2844-91-0x00000000045C0000-0x00000000045DC000-memory.dmp	upx
behavioral1/memory/2852-92-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2856-93-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3004-95-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1636-97-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1752-98-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2844-100-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1460-101-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2812-103-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2852-102-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/844-105-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2856-104-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1320-108-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2060-109-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2912-107-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1636-110-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2512-113-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1288-112-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1688-111-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1752-114-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1692-115-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1460-116-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/844-118-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2812-117-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1320-119-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2060-120-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2512-122-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1288-121-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2632-124-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/540-125-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/332-126-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1496-127-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1244-129-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1868-131-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/308-132-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1040-133-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1524-135-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/448-136-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1488-137-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1168-139-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1044-140-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1672-143-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2628-144-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/568-142-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1780-138-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3012-145-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1524-148-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1748-149-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1612-150-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2444-151-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1600-153-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3060-154-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2628-156-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1988-155-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1984-158-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2696-159-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2780-160-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2584-163-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/3024-164-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/2136-165-0x0000000000400000-0x000000000041C000-memory.dmp	upx
behavioral1/memory/1736-166-0x0000000000400000-0x000000000041C000-memory.dmp	upx

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\Y:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\E:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\I:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\M:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\S:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\U:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\X:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\G:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\H:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\T:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\V:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\W:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\B:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\J:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\N:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\O:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\A:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\K:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\L:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\P:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File opened (read-only)	\??\R:	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\FxsTmp\gay hot (!) cock .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\russian cum sperm [milf] girly (Anniston,Janette).avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\italian porn trambling [milf] 50+ (Kathrin,Sylvia).rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\italian gang bang sperm girls .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\handjob trambling big hole young .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\tyrkish fetish lesbian girls cock .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\russian porn horse [milf] titts .mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\lingerie hot (!) girly .mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\xxx sleeping high heels .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\indian kicking gay hidden cock boots .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\brasilian action beast masturbation boots .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\italian porn bukkake several models traffic .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\sperm uncut .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\gay [bangbus] 50+ .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\danish porn lesbian [bangbus] titts black hairunshaved (Samantha).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\blowjob big hole .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\brasilian action lingerie [free] feet .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\american cumshot sperm lesbian .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\italian porn gay [bangbus] sweet .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\trambling catfight fishy (Jenna,Janette).avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\italian cumshot xxx full movie latex .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\bukkake voyeur cock stockings (Melissa).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\trambling masturbation .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\lingerie licking upskirt (Sonja,Melissa).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\black cumshot sperm voyeur feet 50+ .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\PLA\Templates\sperm public upskirt .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\trambling catfight feet castration (Melissa).avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\british fucking big glans ash .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_de-de_5803850b2f40840e\chinese lingerie [free] feet .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_8bfc34b93f0fdd42\animal horse masturbation feet .mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\brasilian kicking trambling hot (!) sm .mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\black handjob sperm big (Jade).avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\african xxx [milf] black hairunshaved (Sonja,Karin).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_8c6fc5a7aa8c435d\bukkake hot (!) mature (Sandy,Sarah).mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared_31bf3856ad364e35_6.1.7600.16385_none_6377027f0030a06a\xxx hidden (Liz).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\bukkake sleeping (Samantha).mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e30b5ec05031d17d\lingerie voyeur (Sylvia).mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm_31bf3856ad364e35_6.1.7600.16385_none_5499606faffb3f9f\fetish blowjob licking hole .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\italian nude hardcore uncut traffic .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_f27c4f066f5c6701\chinese blowjob several models beautyfull (Sonja,Melissa).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_657d9a203abeb154\trambling girls feet shower .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\handjob beast several models young .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\black horse lesbian full movie mature .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_es-es_8bc7919d3f36cee7\hardcore big (Jade).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\trambling full movie (Curtney).mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\japanese action xxx several models cock shower (Jade).mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\lesbian voyeur feet stockings (Janette).mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_it-it_8d9f242de8497d58\chinese horse masturbation (Sylvia).mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_97a45841ff925aa0\xxx catfight wifey (Gina,Karin).mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_1412267f4b3bb985\animal bukkake big (Janette).avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\american nude horse [bangbus] glans wifey .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_293ea1e3e6bc5364\african gay full movie beautyfull .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\asian xxx girls glans hairy .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_it-it_ea4a469ab7713182\beastiality bukkake [milf] shoes .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_it-it_18a6fde3093acac7\malaysia sperm [free] black hairunshaved .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\InstallTemp\nude beast hidden .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\italian action gay [milf] bondage .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\indian horse xxx big .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\black porn hardcore [bangbus] penetration (Ashley,Sarah).mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\swedish kicking gay [free] circumcision .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p..al-securitytemplate_31bf3856ad364e35_6.1.7600.16385_none_49dd84a06c7c8863\british hardcore hidden sweet .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\black gang bang gay catfight glans .mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_6.1.7600.16385_none_8419660d1cc97b24\italian action fucking [milf] glans 40+ (Liz).rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_2fc4a33adb648f33\spanish bukkake girls glans .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ad7c61fb28607522\blowjob uncut hotel .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\tyrkish fetish blowjob [milf] pregnant .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\temp\danish kicking gay catfight feet hairy (Melissa).avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\indian animal trambling sleeping (Sarah).mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_d81c96999f75bd77\spanish gay girls castration .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_f25d066604c2ad34\handjob lesbian girls .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b4aea777fe683838\american handjob blowjob public beautyfull (Ashley,Janette).rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_6.1.7601.17514_none_34400a5790d1d336\chinese gay voyeur cock (Sandy,Curtney).zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_39374e2435a71b47\handjob trambling [free] pregnant .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\lesbian catfight pregnant .mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_en-us_00f45b041e1e8fd3\brasilian kicking sperm licking .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0af98f1835676d1b\danish animal lesbian voyeur feet sm (Sylvia).mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-vsssystemprovider_31bf3856ad364e35_6.1.7600.16385_none_a727eb798dcfb185\tyrkish animal sperm voyeur .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_c26c5b8280c6af34\spanish horse lesbian (Janette).avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\brasilian cum fucking big feet .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\Downloaded Program Files\danish cum fucking lesbian pregnant .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_39c9d74ef2ad6c7b\action trambling big feet .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_9498b282333b64ec\chinese lesbian hidden .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\swedish nude blowjob [bangbus] cock girly (Jade).rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp\danish nude beast catfight .rar.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\japanese cum lesbian [bangbus] ash .avi.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\russian beastiality gay full movie high heels .mpg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_2e7f079c3208e549\african beast hidden hole (Britney,Sarah).mpeg.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_dba3691c6002e10e\malaysia bukkake full movie cock .zip.exe	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2912	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1688	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1692	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1460	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2812	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2912	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1320	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2060	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1288	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2512	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1688	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2632	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1692	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
332	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
540	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1496	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2912	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2812	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1244	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1460	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1868	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
308	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1040	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1040	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1488	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1488	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
448	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
448	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1780	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1780	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1168	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1168	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
1688	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1752 wrote to memory of 2844	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	28
PID 1752 wrote to memory of 2844	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	28
PID 1752 wrote to memory of 2844	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	28
PID 1752 wrote to memory of 2844	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	28
PID 2844 wrote to memory of 2852	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	29
PID 2844 wrote to memory of 2852	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	29
PID 2844 wrote to memory of 2852	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	29
PID 2844 wrote to memory of 2852	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	29
PID 1752 wrote to memory of 2856	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	30
PID 1752 wrote to memory of 2856	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	30
PID 1752 wrote to memory of 2856	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	30
PID 1752 wrote to memory of 2856	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	30
PID 2852 wrote to memory of 2912	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	31
PID 2852 wrote to memory of 2912	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	31
PID 2852 wrote to memory of 2912	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	31
PID 2852 wrote to memory of 2912	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	31
PID 2856 wrote to memory of 3004	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	32
PID 2856 wrote to memory of 3004	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	32
PID 2856 wrote to memory of 3004	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	32
PID 2856 wrote to memory of 3004	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	32
PID 2844 wrote to memory of 1636	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	33
PID 2844 wrote to memory of 1636	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	33
PID 2844 wrote to memory of 1636	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	33
PID 2844 wrote to memory of 1636	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	33
PID 1752 wrote to memory of 1688	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	34
PID 1752 wrote to memory of 1688	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	34
PID 1752 wrote to memory of 1688	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	34
PID 1752 wrote to memory of 1688	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	34
PID 2912 wrote to memory of 1692	2912	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	35
PID 2912 wrote to memory of 1692	2912	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	35
PID 2912 wrote to memory of 1692	2912	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	35
PID 2912 wrote to memory of 1692	2912	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	35
PID 3004 wrote to memory of 1460	3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	36
PID 3004 wrote to memory of 1460	3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	36
PID 3004 wrote to memory of 1460	3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	36
PID 3004 wrote to memory of 1460	3004	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	36
PID 2852 wrote to memory of 2812	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	37
PID 2852 wrote to memory of 2812	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	37
PID 2852 wrote to memory of 2812	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	37
PID 2852 wrote to memory of 2812	2852	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	37
PID 1636 wrote to memory of 844	1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	38
PID 1636 wrote to memory of 844	1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	38
PID 1636 wrote to memory of 844	1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	38
PID 1636 wrote to memory of 844	1636	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	38
PID 2856 wrote to memory of 1320	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	39
PID 2856 wrote to memory of 1320	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	39
PID 2856 wrote to memory of 1320	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	39
PID 2856 wrote to memory of 1320	2856	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	39
PID 2844 wrote to memory of 2060	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	40
PID 2844 wrote to memory of 2060	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	40
PID 2844 wrote to memory of 2060	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	40
PID 2844 wrote to memory of 2060	2844	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	40
PID 1752 wrote to memory of 1288	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	41
PID 1752 wrote to memory of 1288	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	41
PID 1752 wrote to memory of 1288	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	41
PID 1752 wrote to memory of 1288	1752	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	41
PID 1688 wrote to memory of 2512	1688	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	42
PID 1688 wrote to memory of 2512	1688	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	42
PID 1688 wrote to memory of 2512	1688	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	42
PID 1688 wrote to memory of 2512	1688	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	42
PID 1692 wrote to memory of 2632	1692	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	43
PID 1692 wrote to memory of 2632	1692	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	43
PID 1692 wrote to memory of 2632	1692	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	43
PID 1692 wrote to memory of 2632	1692	a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1752
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2844
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2852
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2912
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:1692
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2632
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:1524
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:3336
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:5492
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        10⤵
        
        PID:13828
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        10⤵
        
        PID:18260
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:9148
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:17732
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:4496
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:8428
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:11208
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:1668
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:6688
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:9792
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:22116
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:3324
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:5428
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:11408
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:17544
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:8184
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:15552
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:4488
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:7480
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:15520
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:6668
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:20676
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:11136
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:12260
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:1748
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:3408
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:5620
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:11416
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:17552
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:8364
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:23072
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:12832
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:9224
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:4652
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:8864
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:17908
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:7124
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:11216
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:688
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3392
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:5588
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:12120
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:20840
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9080
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:18012
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4604
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9548
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17740
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6880
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:15384
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:11160
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:20936
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:332
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:1612
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:5688
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:20800
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:8668
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:15512
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:4512
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:10564
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:21428
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:7380
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:20752
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:14680
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:5712
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:10400
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:17996
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9008
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17972
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4820
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9460
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17496
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6648
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:15028
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:13460
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15120
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3060
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3780
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:6496
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:13556
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:17376
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10296
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:18656
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5208
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10956
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:21412
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8008
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:14012
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:23424
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3508
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5884
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:13872
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:15416
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9028
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17892
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5028
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9744
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17748
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6708
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:12792
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8840
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2812
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:540
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:2444
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:3664
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:5720
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:22228
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:9332
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:17564
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:4556
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:10392
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:18680
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:7496
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:12824
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3484
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:5856
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:10724
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:21396
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9064
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17924
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5020
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:8968
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17868
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6736
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9144
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:13276
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:1988
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3760
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:6588
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:20660
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10356
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:21380
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5136
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10448
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:18332
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7932
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15536
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3500
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6036
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:11040
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:22308
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7536
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:10316
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:18340
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5060
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9100
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17848
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7352
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:13896
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15108
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:11456
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:20620
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1244
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:2696
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3968
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:6820
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:20636
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10600
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:18672
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5608
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:12808
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:14560
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8380
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:12136
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:20548
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3728
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6408
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:13888
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:15392
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9000
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17708
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5184
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:10580
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:21404
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7948
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15452
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6812
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:2628
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3720
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6524
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:20108
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9784
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:22236
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5196
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8960
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17580
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7584
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15400
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15832
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:3520
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5960
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9092
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:19900
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8044
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:14052
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17860
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:5048
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:10212
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4076
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:7372
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:12768
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:15144
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1636
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:844
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1780
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:1792
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:4856
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:9824
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:21348
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:6676
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:18120
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:13452
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17384
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4228
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:8204
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:15528
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6324
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:22268
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8952
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17652
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:2392
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4792
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9256
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:19908
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6660
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:12776
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9184
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4144
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8080
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:11184
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:21316
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5384
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:11392
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17660
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9572
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17692
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:308
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:2584
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3532
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:7288
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:20124
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:12436
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:19832
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6000
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10488
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:7636
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8056
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:14036
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17796
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3912
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6944
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:13920
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:1108
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:11008
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:21324
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5392
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9108
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17948
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8032
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:11152
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:22252
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:2136
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4128
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8072
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:14020
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15088
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5296
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:13840
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15712
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8340
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:12168
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:20580
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4064
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6848
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:10328
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:21276
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:5640
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:11376
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17684
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9072
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17916
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2060
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:1672
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3176
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5100
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10348
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:21284
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7556
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:14028
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17356
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4404
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8356
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:12176
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:20628
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6696
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:20564
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:11144
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:21332
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:2568
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4880
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9472
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17676
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6332
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:14252
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4248
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8540
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:13512
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6308
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:13928
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15412
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9564
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17700
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:448
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:1248
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4548
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7924
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:11168
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:23448
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6912
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:13912
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15052
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:12496
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:1004
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:3712
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7152
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:2112
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:14672
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6080
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:10336
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:20776
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:7544
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:13248
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:2068
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4688
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9160
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15440
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:7132
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17448
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:10868
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:20928
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:3940
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:7708
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:13816
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:16064
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:5280
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:20876
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:8348
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:13176
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:12184
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:20612
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2856
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:3004
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1460
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1496
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:1600
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:6568
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        9⤵
        
        PID:15468
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:9800
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:21364
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:4616
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:10180
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:21356
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:7224
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:20684
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:12424
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:19840
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3476
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:5968
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:11400
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        8⤵
        
        PID:16656
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:7624
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9864
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17764
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10172
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:22292
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6728
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:14092
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:1984
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:3888
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:6804
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10592
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:18664
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5364
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10456
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:18004
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7616
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15560
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3704
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6220
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:13904
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:15068
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9356
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17668
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4628
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8980
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17588
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7268
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:12416
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:20556
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1868
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:2780
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4032
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:6964
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10964
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:21436
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5656
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:13856
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9048
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17980
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3808
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:6516
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:22300
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9776
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4864
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5216
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:10424
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:18640
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7960
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:14044
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15076
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:3024
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3944
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7772
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:12528
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:19000
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5380
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:13880
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15292
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9040
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17956
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4056
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6780
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:976
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:10716
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:18648
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:5628
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:11448
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:20792
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:8388
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:12128
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:20760
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1320
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:1044
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3160
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:4700
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:8992
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:17596
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7844
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:10220
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:21340
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4372
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7608
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15504
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6712
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:11048
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:21372
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:1068
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4736
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9120
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17572
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6476
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:18040
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:14224
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4104
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7232
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15592
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:5340
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:20888
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9056
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17884
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1040
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:1736
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4212
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:7984
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:9156
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:12816
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:22052
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6452
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:23264
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9760
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:22284
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:3232
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6348
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:15124
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:12536
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:19856
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:5728
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:10572
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:21300
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9372
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17064
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:2420
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4576
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9168
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17724
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6896
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:10948
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:21308
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:3352
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:7308
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:11464
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:20768
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:6020
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:11384
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17072
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:7588
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:18084
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:9856
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:17716
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:1688
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2512
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:3012
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:3248
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5288
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:10900
        
        C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        7⤵
        
        PID:20944
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8024
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:14060
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:23432
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4432
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:8332
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:12160
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:20668
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6608
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:10908
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:21292
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9848
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:16700
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:2088
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4956
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9556
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17636
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7144
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:13484
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8976
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4308
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7816
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:14076
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17436
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6632
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:19864
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:10288
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:18324
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1168
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:1872
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:5004
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:9448
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:17620
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:6684
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:12760
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9188
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4296
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8796
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15544
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6340
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:13864
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15084
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9768
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:21420
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:2968
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4712
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9196
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17988
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:7016
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17380
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:11176
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:20572
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:3744
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6620
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:12784
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9580
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:5124
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:11528
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17532
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:8000
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17864
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:14068
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:14980
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1288
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:568
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:3224
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:4612
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:10364
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:21388
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8040
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:11192
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:22220
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4424
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:7188
      - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        6⤵
        
        PID:5684
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:17876
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6640
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:22276
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:10304
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:18316
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:2656
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4912
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:9812
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:19892
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6624
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:12144
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:20644
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:4236
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:7968
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:13992
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:15448
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:6356
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:22260
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:9752
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:21184
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1488
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:2928
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:4260
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:8604
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:12800
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:10940
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6300
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:15676
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9364
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:17756
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:1332
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:6364
    - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
        5⤵
        
        PID:20784
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:14264
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:5840
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:13600
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:15060
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:8372
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:12152
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:20652
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  PID:2208
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:4596
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:9176
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:15568
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:6920
  - - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
      4⤵
      PID:22244
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:12460
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:19848
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  PID:3788
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:7576
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:10072
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:17644
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  PID:6052
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:12004
- - C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
    3⤵
    PID:20604
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  PID:7564
- C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\a3bd5945c1d34fe5aa13f7a67c606e20_NeikiAnalytics.exe"
  2⤵
  PID:12840

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\sperm uncut .rar.exe

Filesize
1.8MB

MD5
d1fb407f43453cb792a5d7116e7f80ff

SHA1
b78eff20f5ef10adbbeab4c05dd03f856dfce74f

SHA256
8d7e58169d4bac5108f35d34b3f5d62faa6a1d0dcceaeed7221f3670964e5f4b

SHA512
c168999155dda8138f1bfa55bf3193ba9825b455f94ab32c229487490c3b50fb933f4b330ea234b7acd9823d9083c883d298a3098093161244a69a4dc4c63b8c

Download Submit
C:\debug.txt

Filesize
183B

MD5
e0e671ed6d74737bebc55de786daa892

SHA1
e69a75f65805a64d7d841b71cf8e10ec9f3afb62

SHA256
e812e6a48c863266674791faaf4edc0ce7a0db6ab73e2653843e565e8ecf1260

SHA512
c3bc6f8e491a611ce2be45875d85a30f1080fab1e7dbb1e530c182fade87d54b9b029ea4e15c5ceb553a0cb125fc5e9597c61af6e4d63e62a21c6055ddc4b4ed

Download Submit
memory/308-132-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/332-126-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/448-161-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/448-136-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/448-169-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/540-125-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/568-142-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/844-105-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/844-118-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1040-133-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1044-140-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1068-177-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1168-139-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1244-129-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1248-171-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1288-130-0x0000000004F10000-0x0000000004F2C000-memory.dmp

Filesize
112KB

Download
memory/1288-112-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1288-121-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1320-128-0x0000000001E50000-0x0000000001E6C000-memory.dmp

Filesize
112KB

Download
memory/1320-119-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1320-108-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1460-146-0x00000000045E0000-0x00000000045FC000-memory.dmp

Filesize
112KB

Download
memory/1460-101-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1460-116-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1488-137-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1488-167-0x0000000004AA0000-0x0000000004ABC000-memory.dmp

Filesize
112KB

Download
memory/1496-127-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1496-188-0x0000000004540000-0x000000000455C000-memory.dmp

Filesize
112KB

Download
memory/1524-135-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1524-180-0x0000000004DD0000-0x0000000004DEC000-memory.dmp

Filesize
112KB

Download
memory/1524-148-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1600-153-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1612-150-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1636-97-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1636-110-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1672-143-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1688-111-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1692-115-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1736-166-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1748-149-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1752-55-0x0000000004D90000-0x0000000004DAC000-memory.dmp

Filesize
112KB

Download
memory/1752-492-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1752-98-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1752-288-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1752-114-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1752-0-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1752-99-0x0000000004D90000-0x0000000004DAC000-memory.dmp

Filesize
112KB

Download
memory/1780-138-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1792-179-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1868-131-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1872-184-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1984-158-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/1988-155-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2060-109-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2060-120-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2088-183-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2136-165-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2208-173-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2392-178-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2420-172-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2444-151-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2512-113-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2512-122-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2568-181-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2584-163-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2628-144-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2628-156-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2632-147-0x0000000004DD0000-0x0000000004DEC000-memory.dmp

Filesize
112KB

Download
memory/2632-124-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2656-182-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2696-159-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2780-160-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2812-117-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2812-103-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2844-91-0x00000000045C0000-0x00000000045DC000-memory.dmp

Filesize
112KB

Download
memory/2844-56-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2844-96-0x00000000045D0000-0x00000000045EC000-memory.dmp

Filesize
112KB

Download
memory/2844-170-0x00000000045E0000-0x00000000045FC000-memory.dmp

Filesize
112KB

Download
memory/2844-162-0x00000000045E0000-0x00000000045FC000-memory.dmp

Filesize
112KB

Download
memory/2844-100-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2852-92-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2852-94-0x00000000046C0000-0x00000000046DC000-memory.dmp

Filesize
112KB

Download
memory/2852-102-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2852-106-0x00000000046C0000-0x00000000046DC000-memory.dmp

Filesize
112KB

Download
memory/2856-123-0x0000000004B20000-0x0000000004B3C000-memory.dmp

Filesize
112KB

Download
memory/2856-104-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2856-93-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2912-141-0x00000000044B0000-0x00000000044CC000-memory.dmp

Filesize
112KB

Download
memory/2912-107-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2912-152-0x00000000044B0000-0x00000000044CC000-memory.dmp

Filesize
112KB

Download
memory/2928-168-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/2968-176-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3004-95-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3012-145-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3024-164-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3060-154-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3160-185-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3176-186-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download
memory/3224-187-0x0000000000400000-0x000000000041C000-memory.dmp

Filesize
112KB

Download