1249a5fb906cb9fc29cea65ac5cb204d7333b7d014a520f835a62a91355815d7

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
12-05-2024 17:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
Size

105KB
MD5

32314ee9d1b4ae4a4722ee80ae700240
SHA1

3356cbc96e8525bd98780c1bfe2d35119a7cbd55
SHA256

1249a5fb906cb9fc29cea65ac5cb204d7333b7d014a520f835a62a91355815d7
SHA512

52b5f371f22c72ca12742359573590baaafe16daf3203a38168beb3fa1a195cb7d121fb2e3c658030a7ed72e31705a84a45951a3adb86e226b48e5918e7a3b7e
SSDEEP

3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEIixibGU:tFPxPke+eImGU

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3451) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_Buttongraphic.png.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll.sig.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\eu\LC_MESSAGES\vlc.mo.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\pdmproxy100.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-services_ja.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-output2.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\chrome_proxy.exe.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\logging.properties.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+12.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\orbd.exe.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-text_zh_CN.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\GMT.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Entity.Resources.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Web.Entity.Resources.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\wmplayer.exe.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.nl_zh_4.4.0.v20140623020002.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\unpack.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\plugin-container.exe.sig.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\js\service.js.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\WMPMediaSharing.dll.mui.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\picturePuzzle.html.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqlxmlx.rll.mui.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\More Games\fr-FR\MoreGames.dll.mui.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IpsMigrationPlugin.dll.mui.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\msdasqlr.dll.mui.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\vi.pak.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\COPYRIGHT.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_zh_CN.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Nome.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\lo\LC_MESSAGES\vlc.mo.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\wmplayer.exe.mui.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipTsf.dll.mui.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar.tmp	32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\32314ee9d1b4ae4a4722ee80ae700240_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
105KB

MD5
b7638247d95e2ea7545aed6fa0a095f3

SHA1
047bf63608f1db91fb754bea9cb8d4a9b6359f2c

SHA256
af5885383811ebc005934658d8ddea122d86fcc4564fd951643f43b1db8144fd

SHA512
e15fe4aee175f41c41b79b421601330a2875aedc8fca018138c6be429dcc27fc6f0274d5fed90958864afa3a2ea7ec300dc9c7820276acdd0ece0c79e1388928

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
114KB

MD5
ec769b3e5c4ffc0a35c57bdc7152bd66

SHA1
917acd6e5f0de6d658824e40ec92fa64c32bd3c4

SHA256
32c764ede2a3e4fe234c348057cee3d848b5b0429e99ed6b501a937aaee2e263

SHA512
95da813ec2cd1b38bea8cd3256b160853495dde16b9fcded37495f734205f000182df8f49bdd615a8972b02de7511d804c3f787ca026ec70fda9bccc1a598fa0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads