f3b36f9affc4d028bf53883e751a055d439238c7db8b5bdf5b9ac91b64014a71

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11/05/2024, 16:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
Size

456KB
MD5

19c21b5b58b5b5d7367f707aec57f140
SHA1

0af81266de338f94a074bdad27411ed3ed9755a9
SHA256

f3b36f9affc4d028bf53883e751a055d439238c7db8b5bdf5b9ac91b64014a71
SHA512

28fd724b45aeb05cbb945c859190d756194e16a6ec59d807c88f0981f8813addacc68ff52a5b3f92ac9601b070584a307c89f55f9945cf27adb1c9fe414da525
SSDEEP

6144:RqAieuWa26GoN+0elSuOT8vlSw2TSHA7uvmT83NY11Wt4KJ5DTyhTddb:Sd26Gw+0eDlSw2TNivc8cdJ

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2110) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\resources.pak.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ho_Chi_Minh.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_zh_CN.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\kor-kor.xml.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcer.dll.mui.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_ja.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iexplore.exe.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\JSProfilerCore.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\fxplugins.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\pdmproxy100.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt_0.12.1.v20140903-1023.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_ja_4.4.0.v20140623020002.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\libxslt.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Macquarie.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-heapdump.xml.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ext.txt.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spc.txt.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_ja.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EST.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nb.pak.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_zh_CN.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ug.txt.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\sqmapi.dll.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkHandle.png.tmp	19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\19c21b5b58b5b5d7367f707aec57f140_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1912

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
456KB

MD5
2e00b192b727b6220c80a8eb4330cdfe

SHA1
87e741992ccb14e59c556e2b0dcb58524610877b

SHA256
ad7ac70666deff7e54610ab2891677bdad98a02567589f1de81fc8f1320cdbe5

SHA512
cc15bb4847c9db9ed4c8a90c73b30dd006b1fd7a583289e142240040ccf195a5b6583f8423f557a89cad66e19a1b362c5621eda6e227e5b0927cf90871862c60

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
465KB

MD5
6917ec3dc1f30c9413af3a1408356892

SHA1
2ebce96195fc3110d201a09b5305fdcc62276a89

SHA256
925123f5be2ff8a160f0101546b697f4584bca5ee43132a6a835ea6d893f124c

SHA512
aeb9599c337137c5e4086a25200216042c2bd3c2d628d6bd7a2595fda37096e39823fae2cae11712413f0a1b30a61a3c13b10b98bfce2fadb9b57811ad0e4785

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads