e6426d4bac1f6b041715a1ee228c700ac6aebc7790ef2debc4fbb443833174cd

Analysis

max time kernel
149s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
12/05/2024, 14:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
Size

75KB
MD5

1d1f9863086f5dc7a6335c95d451aa20
SHA1

cd6a3e2335f8b9e5eab8de1d0e8df302c2130d3e
SHA256

e6426d4bac1f6b041715a1ee228c700ac6aebc7790ef2debc4fbb443833174cd
SHA512

82175cb9e0118429ce05e62f33a558d8f842d40abc2b680218d561f7dfa2b9a3d18a451268590932c0a9877170de77a7e2301d7bffbf1d85c6ea54aad9acc0d9
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKZJHJq:69WpQE0zJ

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3433) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_ja_4.4.0.v20140623020002.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\en-US\MpAsDesc.dll.mui.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_it.properties.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_over.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding_1.4.2.v20140729-1044.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-keymap.xml.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_ffffff_256x240.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jsdt.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Athens.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libsapi_plugin.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_rest.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hr.txt.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hu-HU\tipresx.dll.mui.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnssci.dll.mui.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_ja.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host-views.xml.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Anchorage.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Edmonton.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\YST9.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\css\settings.css.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqlxmlx.rll.mui.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\kinit.exe.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JdbcOdbc.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\picturePuzzle.html.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\native2ascii.exe.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\vlc.exe.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\fr-FR\gadget.xml.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\fr-FR\sbdrop.dll.mui.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_left_mouseout.png.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Reunion.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\dt_shmem.dll.tmp	1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1d1f9863086f5dc7a6335c95d451aa20_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
75KB

MD5
b755239d1cf42a57250badb1da0ee678

SHA1
35c92cbdb1949b1c26df203a20367a64325cf433

SHA256
b142e2033e428ff535b505747de3bd73ce21e49120272f2622d3ce7caeabf75a

SHA512
02210864aaa2ad7e44a936b683f73d6475f57e893e8f491b75250de6a956b3a674465b60b5e9631c3e83b7b39eff255c736da704e97c27bc363f5b060ec2fe7b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
84KB

MD5
0a990898b577f67ebf5703a689337628

SHA1
d3d8531aaf2813e3a244bf425c47ee47900a4e69

SHA256
620b3d77aa50531c8c205cb8cefc7304204b978602c06506f1e1f7410c1122d7

SHA512
6ddb37d8449d5d15d5d98bdb43e74cfaa9f4b9ffbacfa9f8b05d3947d1641777aea89cc08102f37957dff076547aec181a7f9c2f8a4b0aaf119b088791f90566

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads