121fb47d887262db78468b4acc3330eac9c1a3b80f4d2f9e3264b1d8872ccaa9

General

Target

44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
Size

81KB
MD5

44264ebb527cd4573becaf14a2421fa0
SHA1

43f3dcfd05c5f42b0d5a9b5ba68b389c0deb90bb
SHA256

121fb47d887262db78468b4acc3330eac9c1a3b80f4d2f9e3264b1d8872ccaa9
SHA512

333311ea40f5dfafc565e23d2c02f4b394fe3ca89f4c05ff10d527ab4351f51b14f453e878eb832524b3382f4db7373f079720e19290fff3af532f15befd188b
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/ejJZJF:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0zF

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (606) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es.pak.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\perfcore.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkWatson.exe.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\zh-TW.pak.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\java.exe.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\management.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\eula.rtf.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ro.pak.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeulm.dat.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(cm).wmf.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\sqlxmlx.rll.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sw.txt.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad\ea.xml.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-join.avi.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\colorcycle.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\readme.txt.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\da-DK\tipresx.dll.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\shatter.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\sqloledb.rll.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\es-ES\msinfo32.exe.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javaws.exe.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\iedvtool.dll.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsource.ax.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-overlay.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\br.txt.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-bullet.png.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask.wmv.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\ieinstal.exe.mui.tmp	44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\44264ebb527cd4573becaf14a2421fa0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2068

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp
Filesize
81KB

MD5
214e6b9041f66cd784b48b95a75212a7

SHA1
6fa64c5ca71de0d2eb42645eaa6d9ae92a67f6ad

SHA256
82d41d618f4af33ef385fa52016e720ef1947b104c0baa7effbb6da9a8ffa55a

SHA512
6d40062d07ae432736bd68abd4969d49e67e36acfe0c964c460ebb9ecf019db3345a022eca774bf9a791b4e74919b98d56262c360e7dbbe84d7665b3a2a2aa90

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
90KB

MD5
5b4d5b50c2af53eea9b1e30b507a24a3

SHA1
da23214738c635cc37e8a712ab79b3523ffce299

SHA256
c7879c28d39fa6be6a1fdd3c4cc354e4102734d2a532b13086fc2d60e10aa634

SHA512
06afc7cdcb84d687b7408721ea7d65163b55cce2de46a947c510ff200ba3d72c24fcee01f7d9ff39bef695b5e728f5b0755f80976d17a174589b8dcb49c7845a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads