8d66d8a5f29f0854be95ed4a75865a5b19d82eed5023450d4538da29d284d8e7

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
14/05/2024, 03:20

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
Size

81KB
MD5

66e5cf0b8d1620dbabbb5ac95585e870
SHA1

f6d7bc1231a6c029fd445bd09c63633c52bdb2e9
SHA256

8d66d8a5f29f0854be95ed4a75865a5b19d82eed5023450d4538da29d284d8e7
SHA512

5b88f063835d04821dfdee57bf97855deef1f0c52935084361cac3603de301ca8ecd4f7ce67a8f5e00fd7887ac76b0d3972fe2e69e8f08511ee6bf04ab49ef70
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7YWtMQQQH:6e7WpMaxeb0CYJ97lEYNR7ZtL

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3492) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-visual.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Tijuana.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.Printing.resources.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromaprint_plugin.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\WMPDMC.exe.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-disable.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\settings.html.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.properties.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-disable.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\timer_up.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\RSSFeeds.html.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mshwLatin.dll.mui.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\TipBand.dll.mui.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\js\settings.js.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\minidump-analyzer.exe.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\localizedStrings.js.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcer.dll.mui.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Entity.Resources.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm.xml.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\gadget.xml.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_ja_4.4.0.v20140623020002.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Tarawa.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iedvtool.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\javaws.exe.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\de-DE\PurblePlace.exe.mui.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_CopyDrop32x32.gif.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\RSSFeeds.js.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+3.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.intro.ja_5.5.0.165303.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscsy.xml.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\unpack.dll.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\VisioCustom.propdesc.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-new_partly-cloudy.png.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui.tmp	66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\66e5cf0b8d1620dbabbb5ac95585e870_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3452737119-3959686427-228443150-1000\desktop.ini.tmp

Filesize
81KB

MD5
bb9e0d7f58b127ee87be322ab1cd0fdf

SHA1
e15316c6215ce3d808bb802651b8ad6803c16944

SHA256
220694a43451c6da8852ae750052e04c5e7cf6b17c59ec2d92b018c34e2b0818

SHA512
0439c2db29a3348d17e200f677410b231d12b22b8175ef5b259b88a7d576af1159e24667506ed7ecdd11f6e4525f24d99059d76ad00cafd35815d39a2f60bb0f

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
90KB

MD5
96ba995d71ef96d26189c927bf5af3f3

SHA1
f5003c91df37a93cae46a2e017b2655cb842de32

SHA256
330c251c9e907ca455ed79cc471db5cfebcac4fcdf5c3a85636ff3d995915389

SHA512
2fd41934f331bbf024432b6beb7fe7ac96ed14a2b07fac2ef9bc644f2dfff6f9f34a5b8541c805571723b6839621743aa9879d42ba147a41e2018e6d2f7967e8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads