88cb6200d65e2544c305da5c83bc7847f3333e5dedcf4b8bdb26354084324f16

Analysis

max time kernel
150s
max time network
117s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
14-05-2024 04:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
Size

126KB
MD5

7c6febfa47556a5adb94bee69108bd70
SHA1

8f87840ee3979cd1dba11b4ba470382b8a5e506c
SHA256

88cb6200d65e2544c305da5c83bc7847f3333e5dedcf4b8bdb26354084324f16
SHA512

a672f03f9927b06d336fb55302e5667c995f6e772ac0a62f971966d84ed0973061eb6721117061abf3dec7c98b2b94e7f3fc7873c69d06fa5f1745042d42be60
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzq:RqlIyFESWu0SWuGSwxB

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3428) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\To_Do_List.emf.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\mosaic_window.html.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_ButtonGraphic.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.RSA.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\VideoLAN Website.url.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IdentityModel.Resources.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands_0.10.2.v20140424-2344.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Matamoros.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\RestoreCopy.svg.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkWatson.exe.mui.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcer.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ro.pak.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-editor-mimelookup.xml.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Services\verisign.bmp.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\bod_r.TTF.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ach\LC_MESSAGES\vlc.mo.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.server_8.1.14.v20131031.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Wake.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\en-US\SpiderSolitaire.exe.mui.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\performance.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\charsets.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\MpCommu.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\navSubpicture.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\sqmapi.dll.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy.jar.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaremr.dll.mui.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoDev.png.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Baku.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Sakhalin.tmp	7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\7c6febfa47556a5adb94bee69108bd70_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:384

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2248906074-2862704502-246302768-1000\desktop.ini.tmp

Filesize
127KB

MD5
2f701ab01e55fb2f64f4e1107f56d204

SHA1
d62bb3a46fadd8e4dcf7874cdbd12d2a4c2ed2b7

SHA256
a26e1e870f011956896bf9be24e65a548eaed36c225b5a4dbbcfe66508c917f6

SHA512
6502b0f2009a153e25297046fa1fdeda606d8907057eb8d6af25710925be773fabe16c5bc3f809fe0e2ce99fdfc6aea420a311b0ef74260ba8a9562d4edc3282

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
136KB

MD5
553de54aa48eb393d27566ca283624de

SHA1
ad23f5c3fe9123bb11789df759e25e495a129049

SHA256
7105e7e08d6ad134c1f864a22c9f2953a635b3df24bf573dd29330a435168a18

SHA512
7616424ca7db915bc8fe0c20bdfbe4eb1cb96aec8443b861c2e4f2b34a37ad55a0a1d1babda969aac4044c60f8d80f53019bd6ecf524d9fdd0782400c50a0e51

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads