9547659a38c4fd7fb80075157fe8654b8afc5bc85bca24937b0cebb90de07980

General

Target

43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
Size

89KB
MD5

43bc3ea3636424e4dce4f6518194cc10
SHA1

42955d598ce9e90d1a0b4f8016e1e354fa0e0614
SHA256

9547659a38c4fd7fb80075157fe8654b8afc5bc85bca24937b0cebb90de07980
SHA512

2a30a103255e907019ec794dcd3ab857bf387c5ffd1ef2f82f2b344d5daddde26376799aaa614653851c4627421615c38629f12270efc49c7613c1e8c6fb886e
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKP76N:6rWpcOPxPke+e3fFpsJOfFpsJbgE0

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3443) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-snaptracer_zh_CN.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\nio.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\lo\LC_MESSAGES\vlc.mo.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libgain_plugin.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\GetUnpublish.aifc.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\defaultagent_localized.ini.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libadaptive_plugin.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Catamarca.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libudp_plugin.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\ktab.exe.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\WMPSideShowGadget.exe.mui.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\LogoCanary.png.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Extensions.Design.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.ja_5.5.0.165303.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Tunis.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Solitaire\SolitaireMCE.lnk.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\cmm\sRGB.pf.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\kn.pak.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_ButtonGraphic.png.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Port-au-Prince.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipBand.dll.mui.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Reunion.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\desktop.ini.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\wabmig.exe.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmod_plugin.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\FlickLearningWizard.exe.mui.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32r.dll.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml.tmp	43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\43bc3ea3636424e4dce4f6518194cc10_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp

Filesize
90KB

MD5
849c2c4bfd2285493ec1853edb1574d6

SHA1
ac07aee92d4d24151300eadf786201819ecfad3d

SHA256
d27071f973317af17586b7f2f7b6449adb619944ef9c4482d68953763bc44e66

SHA512
b23e2958fb09f045c5ad43014ea891751ea1b2af31e2dca6c9d371168350b6487bb46fa3a05cadda470e19955562a6a3eed1e6ffdf1d1247dc493b9b9087f2f2

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
99KB

MD5
a80cf2d6bfca26c5f23612a8d10b0d66

SHA1
dcbbc130ffd61525e0508e25b43c4dbcc5635eff

SHA256
2fecd6f61647740b728663c61044177fb0dc26ac4425b2af80164d96ee2e5038

SHA512
33f08a9075517e24f3b43aca5401c35742b45337171928a176ae7ba25b16616a2d04f041dd1d0f6036a03e30130052b34dd627d8c292e8cdb31eaa5a6fc82926

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads