3569be9ef40300b1332ddc818bbef095ac9ddf85c1bc6631461ede49f3ac308d

Analysis

max time kernel
148s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
14-05-2024 21:36

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
Size

77KB
MD5

2ce8fc800138b597f424cf3acdd9bcf0
SHA1

ced5792b6cf76fc6a2b5243adde1bf1da930e9b8
SHA256

3569be9ef40300b1332ddc818bbef095ac9ddf85c1bc6631461ede49f3ac308d
SHA512

c98f86d49e9adc7e62f6c7bca41eb1d9aba4e793d6b7e90427790626d3fe84f2c8a1bcbc4bb0841eee69d1a28b5b36b3180311620bb14e4de961ad84645a553d
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKZJHJc:69WpQE0zr

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (396) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\micaut.dll.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IPSEventLogMsg.dll.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado28.tlb.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msxactps.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeslm.dat.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureB.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_selectionsubpicture.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsTap.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\zh-cn.txt.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcf.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\SIGNUP\install.ins.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcor.dll.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_ButtonGraphic.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047_576black.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IpsMigrationPlugin.dll.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado15.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\FormatWait.xlt.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es.pak.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ms.pak.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iedvtool.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ta.txt.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.config.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BlackRectangle.bmp.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadomd.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkWatson.exe.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\15x15dot.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jinfo.exe.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\schemagen.exe.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\Timeline.cpu.xml.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\da.txt.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tg.txt.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web\webbase.xml.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwritash.dat.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\oledb32r.dll.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\fr-FR\DVDMaker.exe.mui.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\d3dcompiler_47.dll.tmp	2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2ce8fc800138b597f424cf3acdd9bcf0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
77KB

MD5
ab65f15b1197f18708851887267efa46

SHA1
1ff40a6798c86dc4db1e8850ec85a1a25e5cd697

SHA256
1670879983e97181e456d100b638879a084e7a71e692ee0a0311a35e120a8725

SHA512
bfd1c449dc405531d96bb5abf324b6ac5be305604bfdb1132e972598fca056f01d15f3ae087f8ac00feaed66e800d93390bfe1dfebb566465fbc6f65ac22cc7c

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
86KB

MD5
4819cae7262950ae5a0fa53b264f1822

SHA1
e79e8a93bf54fd073f9403d7a22b3a56c5189b00

SHA256
302cce16cd08218f7072beada157b63f2fc7b206ffd88661ea54d0f31ddf59b8

SHA512
585352b205684bdde4a195730cb3f385e13f8ddd81ff586c3405591edf5d0578fc5284d37c8302f991aec05ab7bbfce167848f50dda2c02b75b31a22596de407

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads