a83cfc8588e308ca23086a98eb72ea9e9ab85dc46dedc0a910bda8adf05c5d47

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
11/05/2024, 17:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
Size

89KB
MD5

22ec18e5def4d80193057ea6eb603f80
SHA1

3f495c552e19bd66dc8109a3287f8cc19d6390e6
SHA256

a83cfc8588e308ca23086a98eb72ea9e9ab85dc46dedc0a910bda8adf05c5d47
SHA512

94bc7f46c90b934e0f7ce297fd12884281f80fc93aab1c8f75a2b3bbf0f3538cf9b4579775f27a4dfca1234f589420ac1f8d1bcde1798df7171f9a21e8ae15df
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+e1tpJK///yiMZiMA:6e7WpMaxeb0CYJ97lEYNR73e+e9JynyK

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3501) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.password.template.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\jvm.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.Speech.resources.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_docked.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mip.exe.mui.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\js\RSSFeeds.js.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\WMPMediaSharing.dll.mui.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\js\settings.js.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.zh_CN_5.5.0.165303.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_ja.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Web.Entity.Resources.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsfsstorage_plugin.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-oql_ja.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\release.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jabswitch.exe.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\wmpnetwk.exe.mui.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\an.txt.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.sun.el_2.2.0.v201303151357.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_100_percent.pak.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ga.txt.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaprsr.dll.mui.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Martinique.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-queries.xml.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\de.txt.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\ja-JP\gadget.xml.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoBeta.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libsharpen_plugin.dll.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\38.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\about.html.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\settings.html.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png.tmp	22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\22ec18e5def4d80193057ea6eb603f80_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp

Filesize
90KB

MD5
8089f5e7b16a01e44cce36eb92a587ea

SHA1
b34a9b9076d781c66faf5b3a0a6ba2184c8adc3c

SHA256
13a8b0bc292c2a388650ff18a8bf37da1e451f391dbe1a89b21a6f0ed67af03c

SHA512
83f062e2ea1d63e34c2efd6f93b653906f56e631d8f6e4a5cdef9169a63cbda1c01458b17af1ff44c2fcd275fb1469054566738006fc20c0e5165af6ad317f75

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
99KB

MD5
a053eb04f6aa3c1252d2f1ab7a295e52

SHA1
218aa1b0a3dbd18079bbc05392341875b41dacb9

SHA256
157146399900dade6340fc9490f8432ac19d051d3328149d47aa01da121d95ce

SHA512
70e946df9cac77e372592c0017491666feaf70999fdb3f392d8aefbc1f5489245d0097d81b41e6e170d0d7554cfe5376c4e9f5148834c480d7f406cf1de7c1ed

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads