Analysis
-
max time kernel
13s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
15/05/2024, 10:30
Behavioral task
behavioral1
Sample
c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe
-
Size
1.5MB
-
MD5
c6e0f30f6a4fd5b7ef0dd7c72acf72d0
-
SHA1
35df513ea60bd2a7ab6b145376c8120b16044b40
-
SHA256
34ab557e65213f09bc4e4f57719b92a3a978886306e310748c26c2090abc6920
-
SHA512
636db8c7d4a44b2d994a33ef884ebc646874d22f930ceb973872f3c1250c2344b3cb3f0f33ccad096f58003e9e85b98f5cfddb3d32da2b8ebda6d7ba30732a29
-
SSDEEP
24576:bHm0vJCH9qnfs+iVYR99D32Gy3coIbvUJ2IBWERdaRHTqwpfH7FPxlboMyg4GSN:jmyIqnE+iV2PVC5IaAKdNwVFPnoMypR
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 16 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-2539840389-1261165778-1087677076-1000\Control Panel\International\Geo\Nation c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
resource yara_rule behavioral2/memory/2836-0-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/files/0x00070000000233c0-5.dat upx behavioral2/memory/4328-117-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3200-159-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4884-162-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3492-179-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2800-178-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4000-181-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1468-180-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4496-183-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2608-182-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4648-185-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3956-186-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1600-184-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2916-187-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2404-189-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2816-188-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1952-192-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3812-191-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/948-193-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4428-195-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3252-196-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4220-194-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3196-197-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2308-199-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5020-198-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2744-201-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4320-200-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4788-202-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4556-203-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4184-206-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3228-205-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/216-204-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4376-213-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2472-212-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3740-211-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4468-210-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2948-217-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1844-224-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4052-225-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2700-223-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/440-222-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3064-221-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2708-220-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1016-219-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3408-218-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4504-215-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3540-214-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1376-216-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5352-226-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5432-230-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5416-237-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5708-244-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5648-243-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5464-240-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5504-239-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5424-238-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5400-234-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5456-233-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5448-232-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5440-231-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5408-229-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5392-228-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5384-227-0x0000000000400000-0x0000000000429000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description ioc Process File opened (read-only) \??\W: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\Y: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\E: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\H: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\J: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\L: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\P: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\A: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\K: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\T: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\U: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\M: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\N: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\R: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\Z: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\S: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\V: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\X: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\B: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\G: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\I: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\O: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File opened (read-only) \??\Q: c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe -
Drops file in System32 directory 12 IoCs
description ioc Process File created C:\Windows\SysWOW64\FxsTmp\french lingerie fetish masturbation shower .mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\bukkake gang bang hot (!) castration .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\canadian porn fetish hot (!) .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\african blowjob hot (!) feet .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\cumshot sperm hot (!) boots .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\french action fetish [bangbus] cock (Sonja).rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\handjob animal girls .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\russian gang bang [bangbus] ash femdom .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\action handjob big sweet (Tatjana,Karin).avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\french lesbian handjob catfight blondie (Tatjana,Tatjana).avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\black cum masturbation .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\horse beast [bangbus] glans (Sonja,Sarah).avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe -
Drops file in Program Files directory 17 IoCs
description ioc Process File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\danish handjob girls bondage .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\handjob girls lady .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\nude several models high heels .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\gang bang fetish several models fishy .mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Update\Download\brasilian animal bukkake [free] (Sarah).mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\hardcore trambling [free] ejaculation (Curtney,Sylvia).avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\Common Files\microsoft shared\cumshot cum hot (!) .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\fetish fetish licking beautyfull (Sarah,Sandy).mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\blowjob uncut sweet (Sonja,Kathrin).mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\Updates\Download\animal blowjob public .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files (x86)\Common Files\Microsoft Shared\african gay masturbation .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\gay beastiality big feet redhair .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\Templates\sperm handjob big hole 50+ .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\british nude sperm lesbian vagina pregnant .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\brasilian trambling horse [bangbus] beautyfull .mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\dotnet\shared\malaysia nude [free] stockings .mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\animal several models .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe -
Drops file in Windows directory 64 IoCs
description ioc Process File created C:\Windows\mssrv.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\japanese blowjob [bangbus] (Jenna).mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\fetish full movie redhair (Sarah,Britney).zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\nude masturbation penetration (Jenna,Liz).rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_fd7349c396c417ae\handjob sperm licking circumcision .mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_en-us_bfae5918c0443f83\handjob girls legs redhair .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_89c0bf1761110f07\indian cum catfight sweet (Sarah).rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\american animal full movie ash .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\bukkake lesbian catfight legs femdom .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.1_none_a80cea873b2a6772\norwegian trambling full movie gorgeoushorny .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_887b2378b7b5651d\black handjob licking bondage .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm_31bf3856ad364e35_10.0.19041.1_none_ae957c4c35a7bf73\african hardcore [milf] cock .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.746_none_ab42fb092bda9182\lesbian [free] glans pregnant .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.1_none_5d54c0aac5c3c12c\gang bang catfight bondage .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.1_none_833abdc06c68d338\german sperm big .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\danish cumshot uncut 50+ .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\security\templates\bukkake animal hidden ash lady .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\cum [free] .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_it-it_bdb6c49fcea35732\nude xxx licking titts .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\brasilian fetish several models stockings .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.1_none_2fe79eae2833b9b1\brasilian lesbian gang bang hot (!) .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\african gang bang lesbian YEâPSè& .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.844_none_67b5915b5651dd8a\japanese cumshot big bondage .mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_it-it_4c5922428a6f2d08\norwegian fetish [bangbus] .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1_none_0b596e2a33be7d4c\chinese porn blowjob hidden ash (Liz,Sarah).mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared_31bf3856ad364e35_10.0.19041.1_none_bd731e5b85dd203e\african horse sleeping wifey .mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\african action hardcore lesbian .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\japanese fetish hidden femdom (Jenna).mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\horse horse licking boobs blondie .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\trambling beast several models titts .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-mccs-engineshared_31bf3856ad364e35_10.0.19041.1_none_abfc9db6c377b91f\kicking lingerie sleeping swallow .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\african porn cum several models .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..s-ime-eashared-ihds_31bf3856ad364e35_10.0.19041.1_none_e8996b7d3512363f\japanese bukkake horse licking titts ejaculation .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-h..public-utils-shared_31bf3856ad364e35_10.0.19041.1_none_19d22204a1f3fcaf\canadian fucking fucking uncut latex .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.1_none_f42978969c79336a\blowjob cum several models .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\CbsTemp\bukkake horse licking .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_de-de_16bd831fd16633be\horse beast [bangbus] .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_10.0.19041.1_es-es_e5c3ad79c4e34ebb\black bukkake cum [bangbus] .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\canadian bukkake masturbation femdom (Karin).zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\kicking big boots .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\porn fucking uncut .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\horse animal catfight titts .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.84_none_81616275259e37fe\american xxx licking YEâPSè& .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.746_none_2212358fc33cc10f\beast [free] legs (Jenna,Liz).mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-p..al-securitytemplate_31bf3856ad364e35_10.0.19041.1_none_a3d9a07cf2290837\indian cum big sweet (Christine,Melissa).zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\templates\bukkake lesbian glans bondage .mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\african porn cumshot [free] (Gina,Melissa).avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_10.0.19041.1_none_4c786ae2f508e6d5\russian porn uncut feet pregnant .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.844_none_855aff45853749ef\lesbian [free] (Liz).mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.746_none_d01527cffa9c25bc\danish beastiality handjob catfight swallow .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\canadian nude hidden ash (Jenna).mpg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\sperm gang bang [milf] swallow .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.1_none_f3b35d713ce0fc7f\horse kicking voyeur balls .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\beastiality catfight leather .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\beast beast [free] titts bedroom (Sonja).mpeg.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\italian animal beast voyeur .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\swedish bukkake hot (!) .zip.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.153_none_e23c926e32d07dc1\malaysia horse public boobs black hairunshaved .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\tyrkish beast porn voyeur .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.1_none_9aa486d790131d4e\british blowjob blowjob full movie young .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\trambling full movie sm .avi.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.867_none_c29826784f9429f8\xxx fucking [free] .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_b1ffa0e7b4ed03e2\horse [milf] 50+ .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_10.0.19041.1_en-us_e5f85095c4bc5d16\lingerie licking .rar.exe c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 1468 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 1468 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4000 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4000 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2608 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2608 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4496 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4496 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4648 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4648 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 1600 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 1600 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3956 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3956 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2916 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2916 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2816 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2816 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2404 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 2404 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 1468 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 1468 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4000 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 4000 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 2836 wrote to memory of 4328 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 81 PID 2836 wrote to memory of 4328 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 81 PID 2836 wrote to memory of 4328 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 81 PID 2836 wrote to memory of 3200 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 82 PID 2836 wrote to memory of 3200 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 82 PID 2836 wrote to memory of 3200 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 82 PID 4328 wrote to memory of 4884 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 83 PID 4328 wrote to memory of 4884 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 83 PID 4328 wrote to memory of 4884 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 83 PID 2836 wrote to memory of 2800 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 85 PID 2836 wrote to memory of 2800 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 85 PID 2836 wrote to memory of 2800 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 85 PID 3200 wrote to memory of 3492 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 84 PID 3200 wrote to memory of 3492 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 84 PID 3200 wrote to memory of 3492 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 84 PID 4884 wrote to memory of 1468 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 86 PID 4884 wrote to memory of 1468 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 86 PID 4884 wrote to memory of 1468 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 86 PID 4328 wrote to memory of 4000 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 87 PID 4328 wrote to memory of 4000 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 87 PID 4328 wrote to memory of 4000 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 87 PID 3200 wrote to memory of 2608 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 88 PID 3200 wrote to memory of 2608 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 88 PID 3200 wrote to memory of 2608 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 88 PID 2836 wrote to memory of 4496 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 89 PID 2836 wrote to memory of 4496 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 89 PID 2836 wrote to memory of 4496 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 89 PID 4328 wrote to memory of 1600 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 90 PID 4328 wrote to memory of 1600 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 90 PID 4328 wrote to memory of 1600 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 90 PID 4884 wrote to memory of 4648 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 91 PID 4884 wrote to memory of 4648 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 91 PID 4884 wrote to memory of 4648 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 91 PID 2800 wrote to memory of 3956 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 92 PID 2800 wrote to memory of 3956 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 92 PID 2800 wrote to memory of 3956 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 92 PID 3492 wrote to memory of 2916 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 93 PID 3492 wrote to memory of 2916 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 93 PID 3492 wrote to memory of 2916 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 93 PID 1468 wrote to memory of 2816 1468 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 94 PID 1468 wrote to memory of 2816 1468 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 94 PID 1468 wrote to memory of 2816 1468 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 94 PID 4000 wrote to memory of 2404 4000 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 95 PID 4000 wrote to memory of 2404 4000 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 95 PID 4000 wrote to memory of 2404 4000 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 95 PID 3200 wrote to memory of 3812 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 96 PID 3200 wrote to memory of 3812 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 96 PID 3200 wrote to memory of 3812 3200 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 96 PID 2836 wrote to memory of 1952 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 97 PID 2836 wrote to memory of 1952 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 97 PID 2836 wrote to memory of 1952 2836 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 97 PID 4328 wrote to memory of 948 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 98 PID 4328 wrote to memory of 948 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 98 PID 4328 wrote to memory of 948 4328 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 98 PID 2608 wrote to memory of 4220 2608 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 99 PID 2608 wrote to memory of 4220 2608 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 99 PID 2608 wrote to memory of 4220 2608 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 99 PID 2800 wrote to memory of 4428 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 100 PID 2800 wrote to memory of 4428 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 100 PID 2800 wrote to memory of 4428 2800 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 100 PID 3492 wrote to memory of 3252 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 101 PID 3492 wrote to memory of 3252 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 101 PID 3492 wrote to memory of 3252 3492 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 101 PID 4884 wrote to memory of 3196 4884 c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe 102
Processes
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2836 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4328 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4884 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1468 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2816 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:4556
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:5416
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:9368
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:13360
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:6720
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:7056
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:9724
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:7460
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:17340
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:5844
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:10420
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:13928
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:6656
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:1016
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:6804
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:17332
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:5616
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:7544
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"8⤵PID:19020
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:10288
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:14400
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:7256
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5944
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:13600
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:4348
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7664
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:11028
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10500
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14276
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:6384
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5020
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5352
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:9876
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:13984
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:4784
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:6824
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:13444
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:12508
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7528
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:18452
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10324
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14324
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:18428
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:4376
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:6644
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:15568
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:6148
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7560
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:19864
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10396
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14352
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:18420
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:3012
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:12080
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:2400
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7428
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19052
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9304
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13684
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:1752
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4648 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:2744
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5456
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:9632
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:13420
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:11908
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7128
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:19128
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7412
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:19012
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9416
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13912
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:4948
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:2472
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7112
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:19060
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7444
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:14052
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10388
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14592
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9116
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5880
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:8732
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:15656
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7720
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14096
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10556
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:15352
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6352
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:3196
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5424
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:8736
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13320
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7372
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7064
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13764
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7476
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:11336
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:22412
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10308
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14528
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7000
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:3540
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6532
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:15620
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:6052
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7568
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19068
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10380
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14332
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5488
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5836
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:17348
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5856
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7576
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18124
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10476
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:15288
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6452
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4000 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2404 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:3228
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5432
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:9616
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:13228
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:6492
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7120
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:17316
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:5808
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7388
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:18996
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10516
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13936
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:6348
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:4052
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9900
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13796
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:4896
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6180
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:15712
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:21300
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:4852
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7592
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19092
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10404
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14376
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:164
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:2308
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5448
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:8744
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13352
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:18388
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6812
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13564
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7536
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19076
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10508
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14636
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9160
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:2708
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7136
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19308
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7436
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9468
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:21324
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10356
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13812
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:2420
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5828
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:17300
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5732
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7380
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18468
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10340
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14236
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:4448
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1600 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:216
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5400
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9884
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13820
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:1324
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6944
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:17372
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5740
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7492
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:3916
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:21308
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10272
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14344
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18404
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:3408
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6632
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:17284
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5840
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7552
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19044
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10280
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14368
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:17180
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6140
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:15724
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6224
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7584
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18492
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10460
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14544
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6428
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:948
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5464
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9980
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13776
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:11792
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6976
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:19036
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7484
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:11032
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10372
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14308
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:4952
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:3064
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7692
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13176
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10788
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14360
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5380
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:5548
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14064
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:7608
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:20072
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:10428
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:14560
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:7040
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3200 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3492 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2916 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:4184
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5648
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:9376
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:11404
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:11904
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7784
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:18436
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10436
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14552
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9332
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:1844
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7884
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:14960
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10808
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14392
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:6676
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6132
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14136
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7616
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19028
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10452
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14412
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6692
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:3252
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5504
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9892
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13804
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:1608
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7096
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:17364
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:5760
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7396
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:14648
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10540
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14620
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9220
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:4504
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:8624
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:18944
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:11728
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:17096
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6032
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6116
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:17256
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5940
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7624
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:19848
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10348
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14244
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:1832
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2608 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:4220
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5764
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:7700
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"7⤵PID:19872
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:10524
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13948
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:4292
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7648
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19856
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10492
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14600
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5576
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:2948
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9848
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13412
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14196
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:2408
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:15180
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6016
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7640
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13992
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10332
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14228
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6848
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:3812
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5708
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:8760
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13344
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9020
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7776
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:19136
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10800
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:13952
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5516
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:2700
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:9640
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:13404
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:2340
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:5556
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:17308
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5960
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:7420
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14156
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:9988
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:13336
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:12008
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2800 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3956 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:4320
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5440
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:9624
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:13328
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:18396
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:6984
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19004
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7500
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:18980
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10532
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14628
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:5512
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:3740
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7104
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:19116
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:7452
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"6⤵PID:18484
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:10300
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14208
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:2136
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5952
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:12792
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:14092
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7656
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18460
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10484
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14520
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6296
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:4428
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5384
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:8752
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13376
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18136
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6888
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13452
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18380
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7508
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18936
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10836
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:13664
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:8408
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:1376
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:8632
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:19748
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:11952
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:17156
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:2872
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:5552
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:17356
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5680
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:7600
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:928
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:21316
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:10468
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:14536
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:17280
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4496 -
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:4788
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5408
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9768
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:13396
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:17772
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7088
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18476
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7404
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:18444
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:9996
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:13704
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:18372
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:4468
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:6992
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:9708
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:7468
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"5⤵PID:19736
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:10364
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:14316
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:18412
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:5888
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:12388
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:9560
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:7684
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:19084
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:10816
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:13672
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:7004
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵PID:1952
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:5392
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:9856
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:13696
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:11936
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:6836
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:17324
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:5848
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:7520
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"4⤵PID:11724
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:10444
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:14608
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:6928
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵PID:440
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:9972
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:13428
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:6576
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵PID:3664
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:16932
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:4584
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵PID:7632
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"3⤵PID:18988
-
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵PID:10316
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵PID:14384
-
-
C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c6e0f30f6a4fd5b7ef0dd7c72acf72d0_NeikiAnalytics.exe"2⤵PID:18364
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\danish handjob girls bondage .avi.exe
Filesize110KB
MD559a8229c787207c264cabf6b5584586a
SHA12a96ac75e571de94f5414b4a64baececd23e0b76
SHA25629c492d1f2ca60baef4dddf648181a2c0883ae7754334e201f41ab8c654d974f
SHA512987b34e0ba20dd836bbc64aeb9929aeb0999a0ff7a22dce9d1dbb28e02c220ffc83f49a8b41e7e324deb8bd950cc8f76bf833ac6f54a8961063ab4889d16aad7
-
Filesize
146B
MD5cbad156917acf6562923173e870e88dd
SHA16957ebaae1ab411306e5d06ebd96fe3fcf4365fc
SHA2567dc545cb202e3a7dd57c9aa7ef881d9fa12298f11121bfbaddcc7adb4d4afad1
SHA512247838aeb3b72830868a9ce1c74fe1e96f2a1f05259dfa138aeed21dd67f9fcae04f32a8f96c23b9aaef546362f834321878a9d88befc922f4a510ad2105b1a9