0a0a68266cce7b1ff9d7897d7b7492ce7be2477eac5fbfa5b1dd3ca885d74840

Analysis

max time kernel
149s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
12/05/2024, 06:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
Size

104KB
MD5

7a26853f8a47787a1590ffbae9f28e50
SHA1

403c57f6049946e216ca6c2dda86e9e27831bffb
SHA256

0a0a68266cce7b1ff9d7897d7b7492ce7be2477eac5fbfa5b1dd3ca885d74840
SHA512

9b4d6f3533cf50a2a0a9123297a5d49258cd90458bf3713768a8cd1c192796483f356edaec5d76fe5c5ecdb262af80e8c3b1fd063b3e7f786f79e8ac934ea384
SSDEEP

768:W7BlpQpARFbh2UM/zX1vqX1vLFB5W5pYJIJDYJIJOO6O2lpHiJOP25LqrH5HiJOX:W7ZQpApjIWe+eoO6O2lpiMZiMB

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3501) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Net.Resources.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\java_crw_demo.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\PresentationBuildTasks.resources.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javafx.policy.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\server\Xusage.txt.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\eclipse.inf.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libextract_plugin.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\dropins\README.TXT.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\weather.js.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InputPersonalization.exe.mui.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack200.exe.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-profiling_zh_CN.jar.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Antigua.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\desktop.ini.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\libvlc.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\css\settings.css.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\es-ES\js\cpu.js.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Management.Instrumentation.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hu.txt.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Currie.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\SIGNUP\install.ins.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\gstreamer-lite.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Berlin.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_hover.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\28.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdasql.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\en-US\bckgzm.exe.mui.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_h.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsNotesBackground.wmv.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Maputo.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color48.png.tmp	7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\7a26853f8a47787a1590ffbae9f28e50_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:3044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
104KB

MD5
a2673d5399c05e329e3a76937b19668a

SHA1
61087afa092c1d5cc54e8f305b8a919f89565319

SHA256
34f103f8796c1430c87e10cf404a181897e88dea3045c758d726487438e39730

SHA512
3116263ffdbd02b3b92ed2c75e024f29c06091b58a052564ef0c4460513d5cb64f47b18550df29eef1f2faaba9bdb464af9537c481792715a997f976e0064ece

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
113KB

MD5
d4fd98f115a618f1db4f1adbfcca31e2

SHA1
b00d34b12226fe39b397ea025b922afea9cf8b68

SHA256
6f9768ef87eb640bbd9f625f4ffbd90e93da0e94ee28ed7173dbb2cb905bb573

SHA512
8d82e8e83e133582d85c26d43f7c4d63d8c9d79eff2293b1451a4829959e0d3a6322af7f19744f331e8ebf25fc1cbd1c094d08866cdcec2ab4351c870367d9f8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads