dd99760254c3f1850f86a68609fb62f585678ea4240c204c9478fa9b5f9626b7

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
14/05/2024, 12:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
Size

119KB
MD5

c76617289a8f7dbc5a83600e47e1b680
SHA1

caa6b5cf4badb3bf5505dfd3eb44a624d087e903
SHA256

dd99760254c3f1850f86a68609fb62f585678ea4240c204c9478fa9b5f9626b7
SHA512

84987945508921b7ff1e23646dd218712fede18346e89a6d2851e68f100acc4e31737e5de994a24647674dec350bba562dc0ee548a998a112a79cb7ae6ddf9b9
SSDEEP

3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEIixihyKoIWbsHfySkT5GeCyi348oWGRPOzkA:tFPxPke+eI6

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3435) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-filesystems.xml.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\de-DE\MsMpRes.dll.mui.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationUp_ButtonGraphic.png.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\logging.properties.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\it-IT\MpEvMsg.dll.mui.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\policytool.exe.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yakutsk.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libtextst_plugin.dll.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\manifest.json.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\feature.xml.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-windows.xml.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Bahia_Banderas.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiling.xml.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\NBMapTIP.dll.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.bat.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Inuvik.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Thule.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Palau.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\org-openide-filesystems_ja.jar.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\COPYRIGHT.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_100_percent.pak.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_h.png.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ja.pak.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_ja_4.4.0.v20140623020002.jar.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\wmpnetwk.exe.mui.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\es-ES\wab32res.dll.mui.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\j2pcsc.dll.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\http.luac.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6.tmp	c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\c76617289a8f7dbc5a83600e47e1b680_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-268080393-3149932598-1824759070-1000\desktop.ini.tmp

Filesize
119KB

MD5
a8ee2cfc794ea8a17a79dd7ccb1d6b63

SHA1
22bc4056ce24046122fb2fe770d3ccf0f84f8489

SHA256
e117dc203ed3c2eac0d058a14e0e89bb1c0203ef5d541fcdd03d984e700e4db4

SHA512
c79df6e90c9b382de4e270da141ff897cf0f5c5a644c86253ae845f906ff02ebf950b9321085b4364060f3adb8cb46321d717ae6d27033759c66daeb6e08fff9

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
128KB

MD5
10472a673b95294c428fe6247b590cef

SHA1
1bb4a228c46f8ffe8394806b66123a3893965e68

SHA256
4c52c1adc93c1a7fbed2536f2dc67a8652dd3c6a43026897bfc22be8d10b9412

SHA512
2dde0787d608908b03cb6b60b180797cba936b58ea4bb55ee2ca63dcac74330d74b3439a057cb1013307b0df681b11273d2c0d9c989e4e51ea409c0ce485f6ba

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads