b9e8feac5af79fd6006d213330b3b82d8007f31f55822c8cb2ec8f80dc2e30ae

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
14-05-2024 14:04

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
Size

92KB
MD5

c9a94d8c1ad1eb6877b6c7039f425970
SHA1

e3ffd1b47d45471871055ee98ec0e4ea03025bee
SHA256

b9e8feac5af79fd6006d213330b3b82d8007f31f55822c8cb2ec8f80dc2e30ae
SHA512

da852ba15715292159543cb9af8b92221c2bcbd047ab9e4052cd4aaa8ade60793702caf1dac85e3c6400361d061450cd9261d2815d2aa1632bca8ce1d406cc70
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKP76xVt:6rWpcOPxPke+e3fFpsJOfFpsJbgE4Vt

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3445) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_right.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\fxplugins.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Kerguelen.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\de-DE\chkrzm.exe.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbytools.jar.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\launcher.exe.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Marengo.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-split.avi.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLED.EXE.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tripoli.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Web.Entity.Design.Resources.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\wmprph.exe.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\it-IT\TableTextService.dll.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_zh_CN.jar.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\es-ES\SpiderSolitaire.exe.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\720x480blacksquare.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\IpsMigrationPlugin.dll.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\de-DE\WMM2CLIP.dll.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\vignettemask25.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ps\LC_MESSAGES\vlc.mo.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfralm.dat.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msader15.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+10.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Efate.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\es-ES\Chess.exe.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ug.txt.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground_PAL.wmv.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\spu\libaudiobargraph_v_plugin.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\es-ES\PhotoViewer.dll.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\New_York.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\PresentationFramework.resources.dll.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\it-IT\PhotoViewer.dll.mui.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\it-IT\css\currency.css.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\settings.html.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_performance_Thumbnail.bmp.tmp	c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\c9a94d8c1ad1eb6877b6c7039f425970_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
92KB

MD5
cb76d910670c95b0fcd762bd8065fde1

SHA1
d26ca008f7fe3e15a9836ed0b02f1475c4e7796c

SHA256
4c8d88e1f7345bcda289b94136a699e33aff367934033bc69860675a45b71451

SHA512
773fc57bfb8fa019d1b398a68786a051b05c4dd5ec677255afcc662342d8a6aa854c775ec8fd5d6b02a0f7e1985d354620ef962a14e79e7d0458b6e57ea80010

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
101KB

MD5
7b235d168e5d15c1745ed8f1615af7af

SHA1
bd3e726bcd4073f60e97fc2234a5e200ef83809f

SHA256
aff5d9793031de843e672f754d810b8f5f8864afbaefd32b7eae27e5d5fd7bd9

SHA512
df1938eb1c7770c2232a731d3b3a4ae4f0f969ce6a16a69adb4c595101a8e0ad9b0731b6514ab62dbd8bae12511a234e2e44cd75052cadeff5ef49fd230f5dc0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads