931c45c4eefb8317a1903b3462e538d30f43ce12d946a0a7618630750dd49d15

Analysis

max time kernel
149s
max time network
125s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
14-05-2024 03:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
Size

117KB
MD5

62e6f8514822773ec4b195f9571284e0
SHA1

54d70bd56b4dd120ccfded48ff229acca73612f0
SHA256

931c45c4eefb8317a1903b3462e538d30f43ce12d946a0a7618630750dd49d15
SHA512

becb80dac50e46c3094d9a745a62180209734c9bf888326084b9e0f9a93cae2417774379ba5facc989d378503d0365b77099fb14262c66dd9dca2eb65ac41b35
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzN:RqlIyFESWu0SWuGSp

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3164) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\bin\jli.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\mlib_image.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jsdt.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Bucharest.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ur.pak.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Tashkent.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\msinfo32.exe.mui.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bn.pak.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\hprof.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Tunis.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\decora-sse.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\libGLESv2.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\offset.ax.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\de.pak.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\offset_window.html.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdasql.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\mainimage-mask.png.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.RSA.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ff\LC_MESSAGES\vlc.mo.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Resolute.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\plugin-container.exe.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IdentityModel.Resources.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\TraceWait.mpe.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\cursors.properties.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\ja-JP\FreeCell.exe.mui.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\NAMEEXT.DLL.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Port_Moresby.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator_1.1.0.v20131217-1203.jar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Blanc-Sablon.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Qatar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationTypes.dll.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_zh_CN.jar.tmp	62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\62e6f8514822773ec4b195f9571284e0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
117KB

MD5
0ca8dfc2d2cee00d6b15cff645d6f090

SHA1
351c79681f665adf3f4d596a8ba432aaa42d4ea3

SHA256
846de6dcc564033c4b2d467d58c926ae251e934d618690eca525dbc96328b309

SHA512
b23778ea427863958a417a850b550a9edc15035064b824075c591cb563cd9c6565e8ff90261e9e617134446da295c78eca0429bac12eafd8d563bd6c8ca79079

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
126KB

MD5
4b4be09ad1d1b2b53d5dead07242c97d

SHA1
128e64c4885a1baf72335642945b39cbfcba989c

SHA256
d4db37c46017ae747aa8a909a95d295e4731a310868c58a0f561102ce9a85f70

SHA512
9233be9158eae88575a0881317f9523076f7c3953cc432fedea984df9d936ed6ebe9d48081fd8f872160d03c16f4a06cbd8e5487ab917d0a857930586d0856db

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads