8fd967732e0d0cffbc46ee42727f0177ff0cf618cb8a350b6e87c4d662a1f030

Analysis

max time kernel
25s
max time network
131s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
14/05/2024, 14:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
Size

319KB
MD5

cabf87af5b651187272cc53d63e983a0
SHA1

1ff3c751355dab8a2234d8933b7bc64390796fac
SHA256

8fd967732e0d0cffbc46ee42727f0177ff0cf618cb8a350b6e87c4d662a1f030
SHA512

b666974c0e44217f44ba290b8db0d6f74f5fc1870fe8fbc284f36709d67bb95f8b3c1974f5ee10dd694c4f14c2460deb41f725edf4d497ff41040dacaa2026d9
SSDEEP

6144:xjluQoSqIo5R4nM/40yJNVWg0qmfc8W/W3gf4Rp4WS+Xud8TxhJWXvl9RM4y+uMv:xEQoS+qhTWg0Jfc3+3gfCp4B+ediJslD

Score

7^/10

persistence spyware stealer upx

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
behavioral1/memory/1312-0-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/files/0x0007000000016277-5.dat	upx
behavioral1/memory/2496-65-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2508-91-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2536-92-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2976-94-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1676-96-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2364-97-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1812-100-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/320-104-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1824-107-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2508-106-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2496-103-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1312-101-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2536-108-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1676-112-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2328-114-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2312-113-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2976-111-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2140-116-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/696-117-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/700-120-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1328-119-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1812-122-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1836-127-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/772-129-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1568-132-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1956-133-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/916-138-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/696-142-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1632-137-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2320-135-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2280-134-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1944-131-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1604-130-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1824-128-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1144-126-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/320-125-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/588-124-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2364-118-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/3008-145-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/700-144-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1328-143-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2328-140-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1936-141-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2312-139-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1752-147-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2212-151-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/588-149-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1144-152-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1836-153-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1568-154-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1316-155-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1956-157-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1632-159-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2668-177-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1832-174-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1264-173-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2724-172-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2212-171-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2692-180-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/2608-178-0x0000000000400000-0x000000000041D000-memory.dmp	upx
behavioral1/memory/1824-167-0x0000000004F20000-0x0000000004F3D000-memory.dmp	upx
behavioral1/memory/3008-166-0x0000000000400000-0x000000000041D000-memory.dmp	upx

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\A:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\L:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\N:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\H:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\V:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\W:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\B:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\E:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\G:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\I:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\K:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\O:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\P:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\R:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\T:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\U:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\J:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\M:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\S:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File opened (read-only)	\??\X:	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\FxsTmp\fetish horse hot (!) legs (Britney).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\beastiality catfight hairy .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\french handjob voyeur .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\japanese cum girls ash .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\lingerie [free] penetration .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\african lingerie gay girls lady .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\beastiality lingerie several models feet .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\fucking gang bang catfight leather .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\japanese xxx nude several models shower .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\tyrkish blowjob beast sleeping cock pregnant .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\gang bang action catfight boobs .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\lesbian horse uncut boobs shower (Kathrin).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\african lesbian several models fishy .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\lesbian lingerie hot (!) feet .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\bukkake xxx [free] .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\german handjob gang bang big (Britney).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\french action horse voyeur femdom .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\kicking xxx public .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\tyrkish nude [free] .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\malaysia lingerie [free] ash .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\french gay lingerie girls cock (Sylvia,Britney).avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\danish beastiality [free] 50+ .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\beast kicking several models redhair .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\hardcore uncut boobs .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\fucking nude [milf] (Sylvia).mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\Downloaded Program Files\beast [free] high heels .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-aspnet_installsqlstatetemp_b03f5f7f11d50a3a_6.1.7600.16385_none_16a2bb1dbab1c595\lesbian lesbian vagina young .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\russian lingerie action uncut black hairunshaved .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\indian kicking trambling licking .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\Temp\cumshot beastiality sleeping sm .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_05ea1d9b8e2bf020\bukkake big titts hairy (Janette,Gina).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\danish porn action public vagina swallow .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\trambling full movie gorgeoushorny (Karin).mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_dd18b2a07d49aa11\cumshot big lady (Sarah).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.1.7600.16385_none_2958d4a31d2ec64f\asian hardcore girls ash lady .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\black cum catfight nipples redhair .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_657d9a203abeb154\german gang bang hot (!) lady .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\brasilian porn hardcore big shoes .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_d81c96999f75bd77\canadian animal lesbian [milf] .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\tyrkish sperm [free] vagina .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_7bfdfb15e7184c41\sperm hidden redhair .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\assembly\temp\spanish nude beastiality lesbian blondie .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\fucking voyeur young (Anniston).mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_97a45841ff925aa0\african action [milf] boobs ash .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b4aea777fe683838\japanese hardcore hardcore public .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e30b5ec05031d17d\malaysia gay catfight (Tatjana).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_3c93ac15fd731acf\handjob catfight beautyfull (Liz).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_en-us_aedaf3947d09fbe5\japanese beast horse masturbation shower .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_4d274741486b900c\danish blowjob xxx catfight .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\indian cumshot uncut ash upskirt .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_it-it_8d9f242de8497d58\spanish lesbian big .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_c26c5b8280c6af34\nude action lesbian swallow .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_387a16fe7addf3b6\german horse big feet balls .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\security\templates\swedish porn hidden balls (Ashley,Ashley).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_99b74194b7347cab\asian gay kicking voyeur boobs .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_es-es_5d6ada54ed6d35a2\cum cumshot catfight femdom (Christine,Jade).zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-m..-temptable-provider_31bf3856ad364e35_6.1.7600.16385_none_1dd3ce8d1e7524cd\french cum hot (!) .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\japanese nude [milf] glans pregnant .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp\cum hot (!) lady (Karin).mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_6.1.7600.16385_none_8419660d1cc97b24\chinese fucking uncut .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_39374e2435a71b47\nude bukkake voyeur legs YEâPSè& .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0993a1b8823a4e79\chinese gay public ìï (Sonja).zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_aea650787d30ed8a\tyrkish hardcore handjob [milf] .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_ddab3bcb3a4ffb45\canadian animal nude girls hole beautyfull .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_664dbffec8693dfe\blowjob catfight .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfolders-adm_31bf3856ad364e35_6.1.7600.16385_none_af6f98ff87b0e3cc\beastiality porn [milf] .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_9498b282333b64ec\asian sperm several models circumcision (Britney).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_it-it_ea4a469ab7713182\beastiality porn girls balls (Jenna).zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_es-es_8bc7919d3f36cee7\brasilian porn girls black hairunshaved .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_f0ca3430257ea13f\horse masturbation hotel .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_7f84cd98a7a56fd8\gang bang gay catfight sweet .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\british bukkake porn public shower (Curtney).mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\fucking horse catfight cock lady .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_6.1.7601.17514_none_d8216ed3d8746200\chinese nude hot (!) glans (Curtney).avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\swedish beastiality catfight balls (Karin).mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_f27c4f066f5c6701\gang bang licking .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\wow64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_79642285ffd2a388\fucking big .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\russian porn animal full movie YEâPSè& .mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-vsssystemprovider_31bf3856ad364e35_6.1.7600.16385_none_a727eb798dcfb185\british fucking [free] (Jade,Tatjana).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\brasilian gay [milf] black hairunshaved .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\spanish blowjob cumshot masturbation penetration .mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_6f0f7833cb71e18d\cum masturbation .rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_3d98a610fed70b75\handjob big boobs (Sylvia).rar.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\fucking lesbian sleeping hotel .zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_00225053e03f4c04\kicking public shoes (Sylvia,Curtney).zip.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_965db382b6fef5cb\german gay hardcore big (Jade).mpg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_095efe9c8261401e\tyrkish kicking horse catfight swallow (Jenna,Melissa).mpeg.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_94ab98ac6d213009\lesbian public .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\spanish nude bukkake voyeur .avi.exe	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2976	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2364	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1812	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
320	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1824	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
772	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2976	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2320	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2280	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2328	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2364	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
696	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
700	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1328	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1812	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
588	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1144	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1604	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
320	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1836	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1944	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1824	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2976	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1568	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
772	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
772	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1956	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1956	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1316	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1316	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1632	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
1632	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2320	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2364	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
2320	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1312 wrote to memory of 2496	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	28
PID 1312 wrote to memory of 2496	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	28
PID 1312 wrote to memory of 2496	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	28
PID 1312 wrote to memory of 2496	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	28
PID 2496 wrote to memory of 2508	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	29
PID 2496 wrote to memory of 2508	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	29
PID 2496 wrote to memory of 2508	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	29
PID 2496 wrote to memory of 2508	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	29
PID 1312 wrote to memory of 2536	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	30
PID 1312 wrote to memory of 2536	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	30
PID 1312 wrote to memory of 2536	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	30
PID 1312 wrote to memory of 2536	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	30
PID 2508 wrote to memory of 2976	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	31
PID 2508 wrote to memory of 2976	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	31
PID 2508 wrote to memory of 2976	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	31
PID 2508 wrote to memory of 2976	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	31
PID 2536 wrote to memory of 1676	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	32
PID 2536 wrote to memory of 1676	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	32
PID 2536 wrote to memory of 1676	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	32
PID 2536 wrote to memory of 1676	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	32
PID 2496 wrote to memory of 2140	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	33
PID 2496 wrote to memory of 2140	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	33
PID 2496 wrote to memory of 2140	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	33
PID 2496 wrote to memory of 2140	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	33
PID 1312 wrote to memory of 2364	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	34
PID 1312 wrote to memory of 2364	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	34
PID 1312 wrote to memory of 2364	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	34
PID 1312 wrote to memory of 2364	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	34
PID 2976 wrote to memory of 1812	2976	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	35
PID 2976 wrote to memory of 1812	2976	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	35
PID 2976 wrote to memory of 1812	2976	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	35
PID 2976 wrote to memory of 1812	2976	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	35
PID 1676 wrote to memory of 1824	1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	36
PID 1676 wrote to memory of 1824	1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	36
PID 1676 wrote to memory of 1824	1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	36
PID 1676 wrote to memory of 1824	1676	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	36
PID 2508 wrote to memory of 320	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	37
PID 2508 wrote to memory of 320	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	37
PID 2508 wrote to memory of 320	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	37
PID 2508 wrote to memory of 320	2508	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	37
PID 2140 wrote to memory of 772	2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	38
PID 2140 wrote to memory of 772	2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	38
PID 2140 wrote to memory of 772	2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	38
PID 2140 wrote to memory of 772	2140	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	38
PID 2364 wrote to memory of 2320	2364	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	39
PID 2364 wrote to memory of 2320	2364	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	39
PID 2364 wrote to memory of 2320	2364	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	39
PID 2364 wrote to memory of 2320	2364	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	39
PID 2536 wrote to memory of 2280	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	40
PID 2536 wrote to memory of 2280	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	40
PID 2536 wrote to memory of 2280	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	40
PID 2536 wrote to memory of 2280	2536	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	40
PID 1312 wrote to memory of 2312	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	41
PID 1312 wrote to memory of 2312	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	41
PID 1312 wrote to memory of 2312	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	41
PID 1312 wrote to memory of 2312	1312	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	41
PID 2496 wrote to memory of 2328	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	42
PID 2496 wrote to memory of 2328	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	42
PID 2496 wrote to memory of 2328	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	42
PID 2496 wrote to memory of 2328	2496	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	42
PID 1812 wrote to memory of 696	1812	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	43
PID 1812 wrote to memory of 696	1812	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	43
PID 1812 wrote to memory of 696	1812	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	43
PID 1812 wrote to memory of 696	1812	cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1312
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2496
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2508
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2976
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:1812
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:696
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:2212
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:5528
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        10⤵
        
        PID:10780
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        10⤵
        
        PID:21820
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:8028
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        10⤵
        
        PID:21748
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:13920
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:4116
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:9092
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:15820
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:7264
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:15812
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:12568
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:5668
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:10788
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:22916
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:8388
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:15476
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:13896
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:9036
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15604
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:7308
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:16032
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:11520
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15892
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:1264
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:3456
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:5740
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:11568
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:8428
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:14128
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5104
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:9080
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15868
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:7440
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:16040
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:11504
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3508
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5780
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:10916
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8348
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14176
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:4996
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:9100
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15716
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:7472
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15920
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12504
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:588
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:2716
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:3788
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:5568
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:12576
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:8876
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:14120
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5412
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:10072
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:16424
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8032
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:13012
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3752
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5960
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:10660
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:16216
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8632
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:13968
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5268
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:9960
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16120
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8088
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15936
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12528
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:2724
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3928
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5236
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:12560
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:9324
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16016
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5488
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10676
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:21836
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8264
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16200
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13960
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3864
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5512
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:12664
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9300
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15764
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5476
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10688
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3760
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7844
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13864
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:320
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1328
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:1548
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:3496
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:5804
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:11292
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:16588
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:8552
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:14200
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:4916
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:9044
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15652
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:7432
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15740
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:12584
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3588
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5836
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:10968
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8440
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15928
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14112
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5188
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:9220
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15468
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14260
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:7544
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16184
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:11968
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:2720
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3676
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5920
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:11108
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:3164
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8576
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14136
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5248
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:9672
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15644
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:7772
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15516
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:11952
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:21844
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3832
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6448
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14088
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9924
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16336
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5420
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10736
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8420
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14160
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1144
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:2692
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3560
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:6964
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:14032
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10120
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16492
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6016
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:11244
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8848
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:14284
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3892
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5656
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:11512
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9316
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15844
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5452
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10936
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:21740
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8396
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14096
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:1832
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4052
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6492
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:13808
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9968
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16192
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5644
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:11116
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8228
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13904
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:3856
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6568
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:14064
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9776
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15772
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:5432
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10260
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16320
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7212
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16224
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:13872
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2140
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:772
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1836
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:2752
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:3600
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:7160
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:13832
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:10368
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:16264
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:6032
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:11544
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:16376
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8840
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14276
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:4232
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:6160
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15628
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10344
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16352
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6088
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:12472
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9292
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15588
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:880
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:4588
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8140
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:12520
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6780
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:13044
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9660
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16152
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3768
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:1588
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15836
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10352
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16344
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6076
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:11552
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16208
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8672
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14168
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1944
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:1656
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:4340
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:7676
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15984
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:11976
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:21852
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6388
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14056
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9284
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15700
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4080
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6612
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15748
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10384
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16288
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5260
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10652
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16860
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8884
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14236
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:2480
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4064
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6672
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:13020
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10644
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:4068
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5148
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:11276
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8900
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14252
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:3848
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5468
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12464
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9208
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15860
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:5460
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10288
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16304
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7216
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:12924
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2328
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:916
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3152
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3748
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8892
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14152
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6844
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16064
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:11036
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4840
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8292
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12988
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6180
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15952
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10196
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16072
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:2460
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4560
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8160
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12640
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6716
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13800
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9644
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16128
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4444
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7804
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15992
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:12592
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6432
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:12496
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:9984
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16104
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:1752
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:3256
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4960
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9152
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15668
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7244
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16056
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:11236
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4940
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8524
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14216
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6464
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13856
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:10336
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16248
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:2880
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4672
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7720
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15804
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:12956
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6828
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14208
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:9952
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16540
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:4496
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7924
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16048
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:12480
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:6724
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:14016
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:9560
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:15636
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2536
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1676
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1824
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:700
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:2668
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:3628
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:5852
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:10708
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:16524
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:8464
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:14192
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5200
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:9228
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        9⤵
        
        PID:3700
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15852
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:7656
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:11984
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:12512
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3712
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:5972
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:11268
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8608
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:11560
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15904
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10088
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16272
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:7812
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12908
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:2608
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3552
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:6416
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:15944
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10176
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16080
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6008
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10668
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8856
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:14292
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3940
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6516
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:12980
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9992
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16096
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5536
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:11284
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8236
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13928
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1604
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:2476
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:4016
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:6888
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        8⤵
        
        PID:14008
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10164
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16548
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5520
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:10772
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8272
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15508
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13936
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3920
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6524
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14040
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:9916
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16312
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:5552
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10764
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8220
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13912
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:1336
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4616
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:7668
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12544
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6800
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13824
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9944
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16368
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:3516
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6936
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13876
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9936
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16360
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:5900
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10612
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16452
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:8584
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:14224
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2280
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:1936
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:3104
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:3840
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8648
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:14104
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6896
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15580
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10976
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4832
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8204
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15884
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12932
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6164
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13792
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10636
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16680
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:2680
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4772
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8516
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15708
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13952
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7104
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12996
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10376
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16280
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4536
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8020
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15484
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:12536
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6768
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14048
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:9636
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:15596
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:3008
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:3224
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4860
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8948
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:14268
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7224
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15564
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:11496
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15912
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4968
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8412
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13976
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6460
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15968
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:11308
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:2700
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4464
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7824
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15492
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:11960
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:22932
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6440
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13984
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:9976
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16008
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:4472
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7872
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16176
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:12648
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:6592
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:12940
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:9784
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:15676
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2364
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2320
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1316
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:2908
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:5072
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:8600
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:11528
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:6788
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15684
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:10328
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:16256
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4792
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8172
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12964
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:7088
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13992
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10620
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16160
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:1704
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4304
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:7524
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:16168
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13028
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6380
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13004
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9436
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15660
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:3916
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6688
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15500
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:11056
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:5596
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:11488
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:8868
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:14144
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1956
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:796
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4984
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:8456
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15756
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13944
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6588
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:13816
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:10628
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16532
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4800
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8544
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15692
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14072
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7136
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14000
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:10360
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16296
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:484
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4524
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8000
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15976
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13036
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6708
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:14024
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:9552
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16136
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:3704
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7004
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13848
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:10096
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16516
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:6068
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:11300
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16596
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:8680
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:14080
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2312
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1568
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:2548
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:4376
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:7624
        
        C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        7⤵
        
        PID:15788
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12488
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6396
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:12916
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9428
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15796
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4248
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:6944
      - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        6⤵
        
        PID:15960
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:11252
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:5264
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:11536
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16328
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:9308
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:15732
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:1448
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4596
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:8184
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:12948
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:6732
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:13884
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:9652
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:16112
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:4256
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7132
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16024
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:11072
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:21828
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:5220
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:12600
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:9192
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:14244
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1632
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:3184
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:4904
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:9068
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15724
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7200
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15620
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:11260
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:4864
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:8380
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:16000
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:13840
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:6184
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:13052
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:10184
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:16088
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  PID:1096
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:4384
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:7700
    - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
        5⤵
        
        PID:15828
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:12552
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:6404
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:13784
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:9444
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:15612
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  PID:3880
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:6536
  - - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
      4⤵
      PID:14184
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:9824
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:15876
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  PID:5380
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:10248
- - C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
    3⤵
    PID:16144
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  PID:7932
- C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\cabf87af5b651187272cc53d63e983a0_NeikiAnalytics.exe"
  2⤵
  PID:12972

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\fucking nude [milf] (Sylvia).mpg.exe

Filesize
1.6MB

MD5
b5b8bfea115be9cce80abdbbb264fe7c

SHA1
71924c699e81dd7bae782821362a782fe8178cd0

SHA256
0fd326f46b8fa94123e7f7748aa6f6267d962d6c6a785c58c338f0bccfd50e1e

SHA512
e65658df237f82fe00e32c031d1327f8d9dcd5b29f25d9ece845065bdbeea51268d53f35f934da7381d09f6f984cf831a181373bc5e9f34f2937d02f5214d76b

Download Submit
memory/320-125-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/320-104-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/588-149-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/588-162-0x00000000044B0000-0x00000000044CD000-memory.dmp

Filesize
116KB

Download
memory/588-124-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/696-142-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/696-150-0x00000000046C0000-0x00000000046DD000-memory.dmp

Filesize
116KB

Download
memory/696-117-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/700-120-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/700-144-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/772-129-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/772-179-0x0000000004F20000-0x0000000004F3D000-memory.dmp

Filesize
116KB

Download
memory/880-185-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/916-138-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/916-161-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1144-126-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1144-169-0x0000000002020000-0x000000000203D000-memory.dmp

Filesize
116KB

Download
memory/1144-152-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1264-173-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1312-101-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1312-136-0x0000000004A10000-0x0000000004A2D000-memory.dmp

Filesize
116KB

Download
memory/1312-64-0x0000000004780000-0x000000000479D000-memory.dmp

Filesize
116KB

Download
memory/1312-158-0x0000000004A10000-0x0000000004A2D000-memory.dmp

Filesize
116KB

Download
memory/1312-0-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1312-102-0x0000000004780000-0x000000000479D000-memory.dmp

Filesize
116KB

Download
memory/1316-155-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1328-119-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1328-156-0x0000000001EC0000-0x0000000001EDD000-memory.dmp

Filesize
116KB

Download
memory/1328-143-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1548-175-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1568-132-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1568-154-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1604-130-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1632-159-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1632-137-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1656-184-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1676-123-0x0000000004AA0000-0x0000000004ABD000-memory.dmp

Filesize
116KB

Download
memory/1676-96-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1676-112-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1752-147-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1752-168-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1812-122-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1812-100-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1824-107-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1824-167-0x0000000004F20000-0x0000000004F3D000-memory.dmp

Filesize
116KB

Download
memory/1824-128-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1832-174-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1836-127-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1836-153-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1936-163-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1936-141-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1944-176-0x00000000044A0000-0x00000000044BD000-memory.dmp

Filesize
116KB

Download
memory/1944-131-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1956-133-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/1956-157-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2140-116-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2212-171-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2212-151-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2280-134-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2312-139-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2312-113-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2320-135-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2328-140-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2328-114-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2364-118-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2364-97-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2480-183-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2496-103-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2496-65-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2496-105-0x0000000004BA0000-0x0000000004BBD000-memory.dmp

Filesize
116KB

Download
memory/2496-90-0x0000000004BA0000-0x0000000004BBD000-memory.dmp

Filesize
116KB

Download
memory/2508-106-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2508-170-0x0000000004CF0000-0x0000000004D0D000-memory.dmp

Filesize
116KB

Download
memory/2508-109-0x0000000004CE0000-0x0000000004CFD000-memory.dmp

Filesize
116KB

Download
memory/2508-91-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2508-93-0x0000000004CE0000-0x0000000004CFD000-memory.dmp

Filesize
116KB

Download
memory/2536-110-0x0000000004AA0000-0x0000000004ABD000-memory.dmp

Filesize
116KB

Download
memory/2536-92-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2536-108-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2536-95-0x0000000004AA0000-0x0000000004ABD000-memory.dmp

Filesize
116KB

Download
memory/2608-178-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2668-160-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2668-177-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2692-180-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2716-182-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2716-165-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2720-164-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2720-181-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2724-172-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2976-94-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/2976-121-0x0000000001E10000-0x0000000001E2D000-memory.dmp

Filesize
116KB

Download
memory/2976-146-0x0000000004500000-0x000000000451D000-memory.dmp

Filesize
116KB

Download
memory/2976-99-0x0000000001E10000-0x0000000001E2D000-memory.dmp

Filesize
116KB

Download
memory/2976-111-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/3008-166-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download
memory/3008-145-0x0000000000400000-0x000000000041D000-memory.dmp

Filesize
116KB

Download