fd8e45ce23ea01f298a8f993b4d3a7391e73ec34a5606af6e16edc95fb9460a5

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
14/05/2024, 07:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
Size

82KB
MD5

a618b78deafd16f5cfb4c574994fdc10
SHA1

1ac25f64a6319b488c330b530d78e290c6e9e628
SHA256

fd8e45ce23ea01f298a8f993b4d3a7391e73ec34a5606af6e16edc95fb9460a5
SHA512

d8028521230f2351409861239a3908419cfad643e3cf55f545eca609dadff912e28618efe544560d9f6c7c86245ac415999b39a9971c65d084187fad4d7aeb07
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/6lD3q5qB:6e7WpMaxeb0CYJ97lEYNR73e+eKZaDaM

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3562) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Amsterdam.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Solitaire\it-IT\Solitaire.exe.mui.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AXSLE.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmplayer.exe.mui.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwjpn.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Kiev.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\gui\libskins2_plugin.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\IA32.api.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_zh_CN.jar.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\La_Paz.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2launcher.exe.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-gibbous_partly-cloudy.png.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\cryptocme2.sig.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-api.xml.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)redStateIcon.png.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-modules-appui.xml.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\js\clock.js.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\pagecurl.png.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\day-of-week-16.png.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nb.txt.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\id.pak.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Recife.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\css\flyout.css.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\wmpnssci.dll.mui.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\es-ES\DVDMaker.exe.mui.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-common.jar.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\HLS.api.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\es-ES\slideShow.html.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\a618b78deafd16f5cfb4c574994fdc10_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
82KB

MD5
37366a3a7c6130ef105a0705e283a6a9

SHA1
545bc3a9205e5beb5ea874c6bb5337f7ebfb9ad8

SHA256
adfe5c41e9ca16aa0570de3e6cbf849f5eb83911d36367df3d6157088fbfcc70

SHA512
7fdaa59efd8dcee7ab084e2a277fa631ffb7e8194127aa098ee75314e45cc53fa447a178ae1c9d03f2986dc1a3e4f401521a9a8d3411ca6740716fce10b910f6

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
91KB

MD5
94b41522d05e87da5b320279ee967fb4

SHA1
5fc3104c02ced5107671902587c1ea17609471bb

SHA256
c8002fb3e0ef6998865e394c468c1fc0f62ab93142f60a450905eb8d5e603d5b

SHA512
1caa79297830edd852a59975ee2572e2dcc8466a1b5ae0d54c241c5f643a7cecdaeedd0c647e70a935cf27f4ede4c60a17f1c8806e3266c1cff54c03434881bf

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads