3b78b55874f6eb8c5e2900667f6897c38caa69bb95da9da9afac833009f481ae

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
14-05-2024 07:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
Size

80KB
MD5

9deed236e2ae6f4683d46173228a64e0
SHA1

f90a0800b8ef17a6e24856d7af0512e1acb69760
SHA256

3b78b55874f6eb8c5e2900667f6897c38caa69bb95da9da9afac833009f481ae
SHA512

f96f3fcbe7a3066cb4fbe388275b28c764df1ac354d060b11aade0175f6ac5cd373a2a199f387bef44e48b713c66240c26d124f7cf9762e5d55f75e9a5cabac3
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7YWtMQQQr:6e7WpMaxeb0CYJ97lEYNR7Zt/

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3686) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\de-DE\WinMail.exe.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Windhoek.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Atikokan.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\shvlzm.exe.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_rainy.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ku-ckb.txt.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Bogota.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\updater.ini.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\settings.js.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\zh-tw.txt.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\fr-FR\WMM2CLIP.dll.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop.wmv.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text_3.9.1.v20140827-1810.jar.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Monterrey.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\es-ES\jnwmon.dll.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base.xml.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.ja_5.5.0.165303.jar.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\da.pak.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Rothera.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Edmonton.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_wasapi_plugin.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\EST.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\en-US\Minesweeper.exe.mui.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\defaultagent.ini.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IO.Log.Resources.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_play.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-highlight.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_glass_Thumbnail.bmp.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-actions.jar.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo.tmp	9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\9deed236e2ae6f4683d46173228a64e0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
81KB

MD5
6ece0b04c81d1326026354833b20b8d1

SHA1
e1e1d260282b733c238b181ecc20cc06558c0dab

SHA256
02e2fee1b9349f79d045584d95c9946dd2d89cd74992e5dd3d4878821374cfb1

SHA512
3d1c39e3fd9c664445440cd471dadd9413e534e68d8d61bbe35eeee630ff628c28c9afa4571467855d885a5e5bfc28a6d49a38a0cddb46d260d48dc127ad39ff

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
90KB

MD5
a0f8f419bb0064eab89dce08d49eac6e

SHA1
e363c8b1cb95605753b6b7433b08690fc3140628

SHA256
d8f9c5db6d74c1d8ebb892a846aa7da99aa186dd6498aceef0ca76b3475bbde6

SHA512
9b0e8b10e38f4dbb7b133aab6618fa6a8570ca2f7095fc0a5353d71dee8e900e379e77519b4c1cb9119fffe445c22b126e9ae19a8e8bc2abcc8a02b7f04dd09a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads