abbce0b9b1f985f10b512e5aa04b4226dfa28a3512a228e6c7b1bda27d8f6a99

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
13/05/2024, 13:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
Size

104KB
MD5

b90fcd05f01a085361ab33854e763270
SHA1

be5bbd74329aa12b3dbdf41892e61bbd804c566e
SHA256

abbce0b9b1f985f10b512e5aa04b4226dfa28a3512a228e6c7b1bda27d8f6a99
SHA512

12b4a733ec36050c437088a48e66f9c39a009daed77db1465949d785503905e7dceff85da714fd0aa92b8aeac80cea3a8001141f4ef809aec3435fd8176846dc
SSDEEP

768:W7BlpQpARFbh2UM/zX1vqX1vLFB5W5pYJIJDYJIJOO6O2lpHiJOP25LqrH5HiJOT:W7ZQpApjIWe+eoO6O2lpiMZiM1

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3488) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\VideoLAN\VLC\locale\ms\LC_MESSAGES\vlc.mo.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libhqdn3d_plugin.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\ja-JP\wmpnetwk.exe.mui.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_single_bkg.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Dili.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsdebuggeride.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Cairo.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\vlc.exe.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\va.txt.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\manifest.json.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\hprof-16.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\server\Xusage.txt.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Casey.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\ReachFramework.resources.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\js\calendar.js.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_ja.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\mpvis.dll.mui.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\README.txt.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-right.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipRes.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-ui_zh_CN.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libwingdi_plugin.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\Mso Example Setup File A.txt.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_m.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\localizedStrings.js.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macGrey.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_concat_plugin.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\WMPSideShowGadget.exe.mui.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png.tmp	b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\b90fcd05f01a085361ab33854e763270_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1624

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
104KB

MD5
a1c5cb81ba8eb3402245a846a7ce5755

SHA1
867860fdce6984635e6ce54341b3d90b351e2104

SHA256
5695a9e59f16d3e99229602af91948de8bfa1beeb12fd10003058581f14e5c7a

SHA512
90702b446ff8cb4992f9107d8134f01ac8511972110c42fa6b79adb4f0da7d4f53d05d7b9f46b9e0702cbe2fbec728eceaabb7a0b4d63c446990af36c73d69f4

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
113KB

MD5
d9bc4e4801498e6284c978d2270ca2e2

SHA1
b536fe5fc6bd072c71c28d347d352cbd63c7067d

SHA256
371bf2bdef82639bf29b484f8922dee8e2dbd0026fc1f5628c8e27afb27a9356

SHA512
ca25839c88d443f2ffbbc5160821edd2b81f60cb4c10d40589fcb9b7414942e9a9544e3f0b33a4c082d721c59279118bfd21e59547807c1a5cc498f359e0a859

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads