Analysis
-
max time kernel
15s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
15/05/2024, 11:09
Behavioral task
behavioral1
Sample
ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe
-
Size
1.0MB
-
MD5
ce3f8e19d0c2db31d0c496b2596cab90
-
SHA1
81643f63e669bd308289e36ba6ef6d673b052f73
-
SHA256
9575265fa51c725a02933efa898dee82c15acbac1bb536111f85af4cfe9754d9
-
SHA512
bea1467e0b0a39ee9903e39046cf437daa0c0f369274d5100182c779133d76f93e210799a860de42bb54ee072ff6ead09989454a9def3e51b8d1caa6a44fc274
-
SSDEEP
24576:VNnwQEAQ5GBlkwDwzku4oRLG74/sMyXRnlF33LQGczQ:XwEnvk8wguPRvsMyXR33UTzQ
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 16 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
resource yara_rule behavioral2/memory/1168-0-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/files/0x00070000000233f4-5.dat upx behavioral2/memory/1528-60-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/632-155-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1120-156-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4104-182-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2980-184-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1900-183-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1984-185-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2452-186-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2364-188-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3796-187-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4396-190-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2448-189-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/5076-191-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4624-193-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1168-192-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4844-195-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1528-194-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4040-198-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/632-197-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3600-200-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1120-199-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4104-202-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2184-201-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2980-206-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1900-205-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4036-204-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1204-203-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2368-208-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/892-213-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3488-212-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2764-219-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4396-215-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2448-214-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/5076-218-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/988-217-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/5060-216-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2364-211-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2452-209-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3796-210-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1984-207-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3284-221-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4624-220-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/552-224-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4844-222-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3960-227-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1808-226-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4040-225-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2324-223-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2184-232-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3600-231-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1204-249-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4688-248-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/1888-247-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4960-246-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2972-245-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2968-244-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3616-243-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/4064-242-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/2232-241-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3912-240-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3172-239-0x0000000000400000-0x000000000041F000-memory.dmp upx behavioral2/memory/3932-238-0x0000000000400000-0x000000000041F000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description ioc Process File opened (read-only) \??\Z: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\G: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\K: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\S: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\T: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\W: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\X: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\H: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\J: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\L: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\P: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\Q: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\U: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\V: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\Y: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\A: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\E: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\N: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\O: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\R: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\B: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\I: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File opened (read-only) \??\M: ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe -
Drops file in System32 directory 12 IoCs
description ioc Process File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\malaysia hardcore nude girls titts balls .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\japanese lesbian full movie .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\tyrkish horse trambling licking feet lady .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\asian handjob blowjob full movie lady .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\beast girls castration .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\swedish lesbian fucking voyeur legs upskirt .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\horse voyeur .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\gay full movie hairy .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\norwegian beast lesbian girls .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\lesbian hot (!) ash leather .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\asian handjob bukkake lesbian glans .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\french gay girls ¼ë .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe -
Drops file in Program Files directory 18 IoCs
description ioc Process File created C:\Program Files\dotnet\shared\african gang bang masturbation (Tatjana,Sonja).avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\canadian fetish horse voyeur castration (Liz,Sarah).avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\gay lesbian latex .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\Temp\swedish beast action uncut .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Common Files\microsoft shared\fetish blowjob public hole .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\asian lingerie cumshot public boobs granny (Kathrin).mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\african porn [milf] gorgeoushorny .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\danish porn several models gorgeoushorny .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\japanese sperm fucking voyeur pregnant (Sandy,Jenna).zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\handjob several models feet leather .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\Updates\Download\german blowjob several models circumcision .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\chinese animal sleeping cock (Britney).mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Common Files\Microsoft Shared\fucking hidden nipples 50+ .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Update\Download\indian blowjob xxx big hairy .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\Templates\black lingerie [milf] .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\spanish cumshot lesbian boobs gorgeoushorny .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\african horse licking bondage .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\kicking animal [milf] circumcision .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe -
Drops file in Windows directory 64 IoCs
description ioc Process File created C:\Windows\mssrv.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\xxx fucking hidden glans castration .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\Downloads\black action full movie ash ejaculation .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.1_none_fa09f84703cb02c5\british beastiality girls high heels .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\InputMethod\SHARED\norwegian lesbian [free] gorgeoushorny (Ashley,Ashley).mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\PLA\Templates\british xxx handjob voyeur ash .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.1_none_5d54c0aac5c3c12c\porn sleeping .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\horse horse girls mistress .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\brasilian nude lingerie [bangbus] granny (Karin,Jenna).zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\norwegian lingerie beast catfight shower .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\action catfight redhair .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\african lesbian uncut titts .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.1_none_833abdc06c68d338\lesbian sleeping hole gorgeoushorny .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.746_none_d01527cffa9c25bc\horse kicking several models nipples .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.844_none_57eddd48e7a74274\indian blowjob big .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\horse catfight legs Ôï .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\spanish hardcore [bangbus] girly .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\action hardcore hot (!) .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_adfc5e0bfca53431\canadian beastiality licking titts .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\german porn cumshot voyeur .mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_d38ece58f77171b4\malaysia action [bangbus] ash (Sonja).zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\assembly\tmp\trambling sleeping bondage .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\kicking hardcore voyeur (Samantha,Sarah).mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\african fetish big .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.1_none_f3b35d713ce0fc7f\brasilian beast uncut .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\security\templates\black cumshot big (Anniston,Anniston).rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\SharedFileCache\fucking [bangbus] fishy .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\asian xxx several models upskirt (Ashley,Britney).avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.1_none_2fe79eae2833b9b1\german fetish gang bang hot (!) ash .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\assembly\temp\italian nude several models (Britney,Sonja).mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\Downloaded Program Files\italian lingerie catfight .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\russian animal horse [bangbus] vagina .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.84_none_81616275259e37fe\fetish horse masturbation hole castration .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ces-ime-eashared-lm_31bf3856ad364e35_10.0.19041.1_none_3d0229d17c310f10\xxx hot (!) .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.844_none_67b5915b5651dd8a\american trambling big (Samantha,Curtney).mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.746_none_ab42fb092bda9182\xxx beast [free] .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\beast public bondage (Melissa,Anniston).mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\CbsTemp\hardcore licking glans sweet .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\gay licking .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\gang bang gay full movie .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_it-it_bdb6c49fcea35732\lingerie masturbation hole bedroom (Kathrin,Ashley).mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_5b152a8d329397ec\beast cum lesbian .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.867_none_c29826784f9429f8\xxx action masturbation (Britney,Sandy).zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\Downloads\british animal beast lesbian hotel .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\cum girls nipples .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\black horse [free] 40+ .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\german cumshot [bangbus] cock .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.1_none_9aa486d790131d4e\african blowjob sperm big (Sarah).mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\spanish blowjob lingerie uncut boobs (Gina).mpg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\british horse nude big 40+ .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.264_none_cb389cf57d74d691\cumshot nude big .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\indian handjob masturbation .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_10.0.19041.1_none_4c786ae2f508e6d5\swedish action horse voyeur boobs girly .mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..s-ime-eashared-ihds_31bf3856ad364e35_10.0.19041.1_none_e8996b7d3512363f\gang bang beast hot (!) feet (Liz,Sonja).zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\tyrkish blowjob [milf] bedroom .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\german beastiality hardcore public .zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..se-shared-datafiles_31bf3856ad364e35_10.0.19041.1_none_2f5f00d280dce9f6\lingerie [free] vagina (Janette,Sonja).mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.844_none_855aff45853749ef\russian gay cum uncut wifey .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.1_none_a80cea873b2a6772\fucking [free] (Ashley).zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\animal uncut cock (Ashley,Sandy).avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\templates\french hardcore uncut hotel .avi.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\xxx big .rar.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\british porn xxx full movie (Sonja).zip.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\chinese kicking porn full movie (Samantha,Anniston).mpeg.exe ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4104 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4104 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1900 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1900 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1984 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1984 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2452 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2452 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 3796 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 3796 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2364 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2364 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4396 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2448 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2448 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4396 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 5076 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 5076 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4104 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4104 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4844 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4844 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1984 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1984 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1900 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 1900 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4624 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4624 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4040 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 4040 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1168 wrote to memory of 1528 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 85 PID 1168 wrote to memory of 1528 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 85 PID 1168 wrote to memory of 1528 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 85 PID 1168 wrote to memory of 632 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 86 PID 1168 wrote to memory of 632 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 86 PID 1168 wrote to memory of 632 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 86 PID 1528 wrote to memory of 1120 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 87 PID 1528 wrote to memory of 1120 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 87 PID 1528 wrote to memory of 1120 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 87 PID 1168 wrote to memory of 4104 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 88 PID 1168 wrote to memory of 4104 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 88 PID 1168 wrote to memory of 4104 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 88 PID 1528 wrote to memory of 1900 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 89 PID 1528 wrote to memory of 1900 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 89 PID 1528 wrote to memory of 1900 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 89 PID 632 wrote to memory of 2980 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 90 PID 632 wrote to memory of 2980 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 90 PID 632 wrote to memory of 2980 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 90 PID 1120 wrote to memory of 1984 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 91 PID 1120 wrote to memory of 1984 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 91 PID 1120 wrote to memory of 1984 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 91 PID 1168 wrote to memory of 3796 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 92 PID 1168 wrote to memory of 3796 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 92 PID 1168 wrote to memory of 3796 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 92 PID 632 wrote to memory of 2452 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 93 PID 632 wrote to memory of 2452 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 93 PID 632 wrote to memory of 2452 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 93 PID 1528 wrote to memory of 2364 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 94 PID 1528 wrote to memory of 2364 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 94 PID 1528 wrote to memory of 2364 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 94 PID 4104 wrote to memory of 4396 4104 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 95 PID 4104 wrote to memory of 4396 4104 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 95 PID 4104 wrote to memory of 4396 4104 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 95 PID 1120 wrote to memory of 2448 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 96 PID 1120 wrote to memory of 2448 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 96 PID 1120 wrote to memory of 2448 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 96 PID 1900 wrote to memory of 5076 1900 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 97 PID 1900 wrote to memory of 5076 1900 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 97 PID 1900 wrote to memory of 5076 1900 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 97 PID 2980 wrote to memory of 4624 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 98 PID 2980 wrote to memory of 4624 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 98 PID 2980 wrote to memory of 4624 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 98 PID 1984 wrote to memory of 4844 1984 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 99 PID 1984 wrote to memory of 4844 1984 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 99 PID 1984 wrote to memory of 4844 1984 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 99 PID 1168 wrote to memory of 4040 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 100 PID 1168 wrote to memory of 4040 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 100 PID 1168 wrote to memory of 4040 1168 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 100 PID 632 wrote to memory of 3600 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 101 PID 632 wrote to memory of 3600 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 101 PID 632 wrote to memory of 3600 632 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 101 PID 1528 wrote to memory of 2184 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 102 PID 1528 wrote to memory of 2184 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 102 PID 1528 wrote to memory of 2184 1528 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 102 PID 2452 wrote to memory of 1204 2452 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 103 PID 2452 wrote to memory of 1204 2452 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 103 PID 2452 wrote to memory of 1204 2452 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 103 PID 3796 wrote to memory of 4036 3796 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 104 PID 3796 wrote to memory of 4036 3796 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 104 PID 3796 wrote to memory of 4036 3796 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 104 PID 1120 wrote to memory of 2368 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 105 PID 1120 wrote to memory of 2368 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 105 PID 1120 wrote to memory of 2368 1120 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 105 PID 2980 wrote to memory of 3488 2980 ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe 106
Processes
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1168 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1528 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1120 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1984 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4844 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:552
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:5992
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:9976
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"9⤵PID:17396
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"9⤵PID:22728
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:15732
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:21044
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:7360
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:8212
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:22084
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:12744
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:15428
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20116
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:3616
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:6184
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:9336
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"9⤵PID:19692
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:12292
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:15524
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:19708
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:8636
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:19660
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:12964
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:15500
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20148
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:6320
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:13060
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:3764
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:22464
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8484
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20336
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:9100
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20360
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:12688
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15420
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20108
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:988
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:5920
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:11560
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:15120
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20876
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:7332
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:21980
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8688
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:12992
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15404
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22472
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4580
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:7004
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8600
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:12972
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15484
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20156
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:6224
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:11552
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15684
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22488
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8348
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:23228
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9124
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:19668
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:13108
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:2200
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:19528
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2448 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:3284
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:5904
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:2616
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:15652
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20376
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:7436
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:22012
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8204
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:22028
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:12728
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:16280
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:21028
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:1564
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:7152
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:12300
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:15564
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20472
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8660
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:10216
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:13116
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:5080
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20084
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:6232
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:164
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15644
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20392
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8268
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9036
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12560
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4284
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:19508
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:2368
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5912
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:11952
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15620
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20400
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7352
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9048
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20352
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12648
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15516
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21840
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:2232
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7804
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9212
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:13100
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4912
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21168
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6240
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11536
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4496
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21020
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8276
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9148
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21996
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:13124
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:220
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20940
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1900 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:5076 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:3960
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:2176
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:9960
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:15708
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:7844
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:7872
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:22456
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:9196
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:12908
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:4964
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:21076
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:2152
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:6560
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20972
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:9056
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:2264
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15636
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:21092
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5744
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:11960
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15660
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:6924
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4904
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22044
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9172
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:13008
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:1840
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20188
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:2764
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5776
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:9860
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15748
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:21052
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7320
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22448
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8460
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12892
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15380
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20884
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:2360
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7864
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9188
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:13016
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:2272
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21956
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6248
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11760
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15676
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:22480
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8468
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:22100
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9068
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:11876
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15532
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:19700
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2364 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:5060
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5696
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:11016
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15764
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:21160
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4604
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8364
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22076
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12932
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15412
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20196
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:3172
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:1540
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22060
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8568
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22092
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:13084
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:1736
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21972
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6256
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9868
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:17616
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15740
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:22504
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8412
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9128
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:12696
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15436
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20180
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:2184
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:5964
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9368
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15756
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:22520
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:7444
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:22036
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8580
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:19756
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:12940
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15364
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20948
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:4688
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6172
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8148
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:22020
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:12872
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15396
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20892
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:6304
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9968
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:18480
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15716
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:22496
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:9248
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:13376
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:4072
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:23144
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:632 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2980 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4624 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:1808
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:5712
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:8696
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"8⤵PID:21848
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:11628
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:15612
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:21176
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:7016
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8152
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:12752
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:4540
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20916
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4064
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:1376
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"7⤵PID:20368
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8572
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:13068
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:5012
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:19536
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5844
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:11568
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15136
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:17600
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:23236
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8256
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9156
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12900
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:3988
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21152
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:3488
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5764
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:8396
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:12948
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15240
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:19716
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:4384
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8388
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20344
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12956
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:16288
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:21144
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:3912
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:6572
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9032
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:21988
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11136
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15476
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20172
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6648
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11620
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15492
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20140
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9240
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:13368
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:2484
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:21084
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2452 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:1204
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5628
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:9416
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:11744
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15556
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:14128
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7344
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22052
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8248
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:10144
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12736
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15468
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20124
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:4960
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7328
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15772
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:21060
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8356
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20212
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12924
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:3184
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:19516
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6312
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9344
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11916
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15540
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:19740
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8488
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9112
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:13036
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15372
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20924
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:3600
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:5728
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8420
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11988
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15668
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20320
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:5228
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8404
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20868
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:13076
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:4700
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20932
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:2968
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:7980
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9180
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:18492
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:12672
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:1708
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20900
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:6284
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:11920
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:5032
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20432
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:9256
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:19684
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:13392
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:15160
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:20956
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4104 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4396 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:2324
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:5820
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:9228
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:11908
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:15548
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:19732
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7248
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:8436
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:22108
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:12916
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15388
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20964
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:4920
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:6160
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9392
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11896
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:1156
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:19500
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6272
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11968
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15604
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20408
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8296
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9140
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:12720
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15452
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20100
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:892
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:5796
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:9424
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"6⤵PID:20384
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11900
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15580
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20440
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:7240
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:22004
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8680
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:19676
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:13000
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:3192
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:21964
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:3932
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6964
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:11528
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:15700
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:7560
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8672
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:5056
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15628
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20204
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:6656
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9876
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:10180
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15724
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:21036
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:9220
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:11120
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:15588
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:20424
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3796 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:4036
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6136
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:13044
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:2252
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20908
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:7856
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20860
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:9204
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"5⤵PID:20328
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:12984
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15460
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20132
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:1888
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:6580
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:8588
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:12328
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15572
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20464
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:6328
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:13024
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15444
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:20092
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:8500
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:9076
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:11128
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:15596
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:20416
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4040 -
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:5804
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:11544
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:15692
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:22512
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:7420
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:8196
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:12712
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:2212
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:7748
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵PID:2972
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:1480
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"4⤵PID:22068
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:9164
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:12704
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:15508
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:20164
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵PID:6372
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:13052
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:2228
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"3⤵PID:19724
-
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵PID:9264
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵PID:13384
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵PID:4480
-
-
C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ce3f8e19d0c2db31d0c496b2596cab90_NeikiAnalytics.exe"2⤵PID:23124
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\asian lingerie cumshot public boobs granny (Kathrin).mpeg.exe
Filesize657KB
MD58b29fbe6d248f437835117ab454aca4d
SHA171c2b1f2ce77aa32ce177cdb00a725f280fd1dac
SHA25674b4228d10f1351936d34976f2370e194e8afdfcc7637ef0f84a60759542be3d
SHA5126f472a02709be0c1a56c04af8c95e32c367cf813b2efcb5e32a3a613be30d203588498f6a0c867ca419773d9e79c821fa62d1287d056e5d0d2b021eaf9ac9d84