Analysis
-
max time kernel
11s -
max time network
111s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
15/05/2024, 10:36
Behavioral task
behavioral1
Sample
c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe
-
Size
2.0MB
-
MD5
c7f57ec48780dddb979b894f7e7b1310
-
SHA1
79c798fc08f591baba78353d0af4c5b083718d1a
-
SHA256
739d40ba2f8ada90e43bbc0d9f9b6860f23c3a0baf4ac8a738ebed9aa45703d3
-
SHA512
4e8106406137a068b241fe64ac4fc29cf6fadb52dfb3318b95b3e21e6148d1da678c7b432458af74f09043eb39f74c22d0932bd90dab936458f95a135e9aba02
-
SSDEEP
49152:3xaCUmObqYqsEZoGCX+tyUUC4PlBAX2UIKzmBCnQu6FQ:v9OJHGoMtPv5z0IQ9Q
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 11 IoCs
Looks up country code configured in the registry, likely geofence.
description ioc Process Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
resource yara_rule behavioral2/memory/1292-0-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/files/0x000700000002340a-5.dat upx behavioral2/memory/4076-164-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4044-182-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3488-183-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3504-184-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3408-185-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3564-187-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4436-186-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3756-189-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1292-188-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4164-191-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2692-190-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3900-192-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2636-193-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2656-195-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4212-196-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4076-194-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1136-198-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4044-197-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3488-200-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1292-199-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4436-204-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3408-203-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1580-202-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3504-201-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4704-206-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3564-207-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4708-205-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1784-209-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2204-211-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2044-210-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3756-208-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4944-213-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4164-212-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1468-215-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2636-214-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4212-217-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5128-218-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2656-216-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1136-219-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5260-223-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3652-222-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5204-221-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5208-220-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4588-228-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5352-230-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1108-233-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4704-232-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2204-236-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2044-235-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1784-234-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1468-238-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4944-237-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5128-239-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5436-242-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5260-241-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5204-240-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4392-229-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4708-231-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5388-245-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5452-244-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5460-246-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5344-247-0x0000000000400000-0x000000000041E000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description ioc Process File opened (read-only) \??\Q: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\R: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\S: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\A: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\E: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\G: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\L: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\N: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\U: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\V: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\H: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\J: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\I: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\O: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\T: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\W: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\Z: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\Y: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\B: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\K: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\M: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\P: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File opened (read-only) \??\X: c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe -
Drops file in System32 directory 12 IoCs
description ioc Process File created C:\Windows\SysWOW64\IME\SHARED\gang bang gang bang voyeur (Sylvia,Sandy).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\beast full movie hotel .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\danish cumshot beastiality [milf] boobs .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\gang bang [milf] feet (Liz,Janette).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\gay trambling hot (!) feet castration .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\sperm big blondie (Jade).zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\french fucking girls boobs shoes .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\danish cum big legs upskirt .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\lesbian beastiality girls glans stockings .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\fucking full movie hairy (Tatjana).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\russian kicking full movie ΋ .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\malaysia fucking beast licking mature .zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe -
Drops file in Program Files directory 18 IoCs
description ioc Process File created C:\Program Files (x86)\Google\Update\Download\norwegian fucking masturbation .zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\Temp\swedish cumshot gay [milf] wifey .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\Templates\black trambling voyeur (Britney).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\horse hardcore hidden boots (Sonja,Kathrin).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\tyrkish beastiality trambling voyeur wifey .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\beastiality kicking big girly .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\spanish horse masturbation sweet (Karin,Curtney).avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\fetish [free] .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\dotnet\shared\blowjob hot (!) fishy .zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\danish horse masturbation hole .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\cumshot handjob public .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\black horse several models wifey .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Common Files\microsoft shared\handjob public sweet .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\Updates\Download\tyrkish lingerie public ash ejaculation (Gina).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files (x86)\Common Files\Microsoft Shared\german beast hardcore several models .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\norwegian kicking hidden (Karin).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\lingerie lesbian beautyfull .zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\nude animal public vagina girly .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe -
Drops file in Windows directory 64 IoCs
description ioc Process File created C:\Windows\WinSxS\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_10.0.19041.1_none_8c0b126c198fcf70\fetish gang bang big pregnant (Tatjana).zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\CbsTemp\bukkake sperm licking mistress .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\gang bang horse hot (!) hole lady .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.1_none_833abdc06c68d338\sperm lesbian (Sarah).zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.572_none_cf90e12518baac85\cumshot sperm uncut boobs hairy (Sandy,Anniston).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.1266_none_7916f7558927ae23\gay licking .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\swedish horse beastiality big .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\russian gay uncut ash granny (Christine,Kathrin).mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.746_none_d01527cffa9c25bc\nude nude uncut .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-h..public-utils-shared_31bf3856ad364e35_10.0.19041.1_none_19d22204a1f3fcaf\african trambling kicking sleeping latex .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.746_none_2212358fc33cc10f\russian handjob hardcore catfight .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.867_none_c29826784f9429f8\indian lesbian public (Christine,Kathrin).mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\african animal sperm full movie (Jade,Britney).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\horse nude hot (!) (Karin).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\PLA\Templates\lingerie big bondage .zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_de-de_881b257d159a5de8\canadian blowjob gay big vagina (Liz).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\russian hardcore lingerie voyeur glans (Sandy).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.844_none_855aff45853749ef\xxx trambling [milf] black hairunshaved .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\spanish bukkake trambling hidden ash mistress .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_d38ece58f77171b4\asian sperm full movie feet YEâPSè& .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_10.0.19041.1_none_4c786ae2f508e6d5\african gang bang voyeur titts black hairunshaved (Tatjana).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1288_none_ca3007304990b2ea\malaysia nude horse catfight (Sandy).avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.964_none_1c1a193f5bfcf136\tyrkish trambling [milf] titts redhair .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_en-us_bfae5918c0443f83\lesbian sleeping stockings .zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1151_none_fbdc4c5f677dc2ec\bukkake big cock .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.1_none_c6da8048542fddc7\norwegian fetish full movie feet (Gina,Britney).avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_adfc5e0bfca53431\horse beast masturbation .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_it-it_bdb6c49fcea35732\german porn [milf] legs wifey .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\american nude masturbation nipples ejaculation (Sylvia).zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.264_none_cb389cf57d74d691\danish horse several models .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ces-ime-eashared-lm_31bf3856ad364e35_10.0.19041.1_none_3d0229d17c310f10\porn [free] nipples granny (Christine,Sonja).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\lesbian fucking hot (!) glans (Janette).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\Downloads\danish beastiality xxx girls boobs (Karin,Samantha).avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\chinese sperm hidden blondie .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\porn gay [bangbus] .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.84_none_81616275259e37fe\blowjob trambling hidden 40+ (Curtney).rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1_none_3cfd44d351b1a8ab\black bukkake lesbian latex (Janette,Sonja).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\nude girls fishy (Liz).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.1_none_a7ad1894592cfa12\japanese lingerie [free] shoes .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\american cum hidden .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\blowjob uncut ash .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\fucking hardcore lesbian 40+ .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\tyrkish hardcore trambling licking hole .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.1_none_fa09f84703cb02c5\african horse hardcore lesbian leather (Sonja,Christine).mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1_none_0b596e2a33be7d4c\tyrkish blowjob licking (Jenna).avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-mccs-engineshared_31bf3856ad364e35_10.0.19041.1_none_abfc9db6c377b91f\horse catfight .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\french trambling uncut glans .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\Downloads\norwegian kicking xxx catfight .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\horse nude licking titts YEâPSè& .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.1_none_5d54c0aac5c3c12c\brasilian handjob catfight ash .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..s-ime-eashared-ihds_31bf3856ad364e35_10.0.19041.1_none_e8996b7d3512363f\japanese sperm hidden glans latex .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\italian fucking girls vagina (Kathrin,Sarah).zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.1_none_a80cea873b2a6772\asian gang bang kicking [milf] bedroom .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_62312bfbb33d478a\russian animal horse catfight leather .rar.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-h..public-utils-shared_31bf3856ad364e35_10.0.19041.1202_none_d8a1416ab7cccdcf\french nude sleeping cock stockings .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\japanese gang bang nude hidden titts pregnant (Janette).mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\trambling public .mpeg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\british lesbian uncut feet .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.844_none_57eddd48e7a74274\nude several models .avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.1_none_9aa486d790131d4e\british xxx [bangbus] granny (Sandy,Tatjana).avi.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\african action horse hot (!) legs (Sandy).mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.1_none_f3b35d713ce0fc7f\indian hardcore lingerie hot (!) hole beautyfull (Janette).zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_de-de_16bd831fd16633be\italian fucking gang bang public leather .zip.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\russian blowjob several models .mpg.exe c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 62 IoCs
pid Process 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3408 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3408 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4436 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4436 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3564 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3564 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3756 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3756 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4164 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4164 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2636 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2636 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2656 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 2656 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4212 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4212 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1136 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 1136 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3408 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 3408 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 1292 wrote to memory of 2692 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 86 PID 1292 wrote to memory of 2692 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 86 PID 1292 wrote to memory of 2692 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 86 PID 2692 wrote to memory of 3900 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 91 PID 1292 wrote to memory of 4076 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 92 PID 2692 wrote to memory of 3900 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 91 PID 2692 wrote to memory of 3900 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 91 PID 1292 wrote to memory of 4076 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 92 PID 1292 wrote to memory of 4076 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 92 PID 1292 wrote to memory of 4044 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 96 PID 1292 wrote to memory of 4044 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 96 PID 1292 wrote to memory of 4044 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 96 PID 2692 wrote to memory of 3488 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 97 PID 2692 wrote to memory of 3488 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 97 PID 2692 wrote to memory of 3488 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 97 PID 3900 wrote to memory of 3504 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 98 PID 3900 wrote to memory of 3504 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 98 PID 3900 wrote to memory of 3504 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 98 PID 4076 wrote to memory of 3408 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 99 PID 4076 wrote to memory of 3408 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 99 PID 4076 wrote to memory of 3408 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 99 PID 2692 wrote to memory of 4436 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 101 PID 2692 wrote to memory of 4436 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 101 PID 2692 wrote to memory of 4436 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 101 PID 4044 wrote to memory of 3564 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 102 PID 4044 wrote to memory of 3564 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 102 PID 4044 wrote to memory of 3564 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 102 PID 1292 wrote to memory of 3756 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 103 PID 1292 wrote to memory of 3756 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 103 PID 1292 wrote to memory of 3756 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 103 PID 3900 wrote to memory of 4164 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 104 PID 3900 wrote to memory of 4164 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 104 PID 3900 wrote to memory of 4164 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 104 PID 4076 wrote to memory of 2636 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 105 PID 4076 wrote to memory of 2636 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 105 PID 4076 wrote to memory of 2636 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 105 PID 3504 wrote to memory of 2656 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 106 PID 3504 wrote to memory of 2656 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 106 PID 3504 wrote to memory of 2656 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 106 PID 3488 wrote to memory of 4212 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 107 PID 3488 wrote to memory of 4212 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 107 PID 3488 wrote to memory of 4212 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 107 PID 3408 wrote to memory of 1136 3408 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 108 PID 3408 wrote to memory of 1136 3408 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 108 PID 3408 wrote to memory of 1136 3408 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 108 PID 4044 wrote to memory of 3652 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 111 PID 4044 wrote to memory of 3652 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 111 PID 4044 wrote to memory of 3652 4044 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 111 PID 1292 wrote to memory of 1580 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 112 PID 1292 wrote to memory of 1580 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 112 PID 1292 wrote to memory of 1580 1292 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 112 PID 2692 wrote to memory of 4588 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 113 PID 2692 wrote to memory of 4588 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 113 PID 2692 wrote to memory of 4588 2692 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 113 PID 3900 wrote to memory of 4392 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 114 PID 3900 wrote to memory of 4392 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 114 PID 3900 wrote to memory of 4392 3900 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 114 PID 3488 wrote to memory of 4708 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 115 PID 3488 wrote to memory of 4708 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 115 PID 3488 wrote to memory of 4708 3488 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 115 PID 4076 wrote to memory of 4704 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 116 PID 4076 wrote to memory of 4704 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 116 PID 4076 wrote to memory of 4704 4076 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 116 PID 3504 wrote to memory of 1108 3504 c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe 119
Processes
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1292 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2692 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3900 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3504 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵
- Suspicious behavior: EnumeratesProcesses
PID:2656 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:5260
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:5312
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:8168
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"9⤵PID:18364
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:10896
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"9⤵PID:23676
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:12092
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:15308
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:12844
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:6528
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:18316
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:9296
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:4500
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:10596
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15488
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:17496
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:5360
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:8344
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:16464
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12420
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15184
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:23544
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6680
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12436
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:16444
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:21944
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:8532
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:17144
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:22776
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12404
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15204
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:21980
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:1108
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6220
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:9488
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:15968
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:17216
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:11220
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:14908
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:3264
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:7432
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:18288
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:9412
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15928
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:8128
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12268
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16732
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22540
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:5428
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:9200
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:18356
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12308
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15480
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:13160
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6736
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15952
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22532
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:8640
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16740
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22868
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:4508
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15120
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12616
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:4164 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:1468
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6192
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:9520
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:5948
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12260
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:14892
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12860
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:7756
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:18412
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10184
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12204
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:14932
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12600
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:5496
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:9564
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:16244
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:20856
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12276
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15828
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15732
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7424
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16480
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:9440
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:21420
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12284
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15252
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23288
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:4392
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6212
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:9356
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:18428
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10472
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15804
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22592
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7516
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16724
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22556
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:9424
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15548
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22564
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:11204
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:17628
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23644
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:5444
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:1884
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:17008
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12428
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15228
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:3944
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6712
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:4128
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:18620
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9060
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16372
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:11128
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12348
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:19692
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3488 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:4212 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:5128
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6388
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:10176
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:5340
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12060
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:14916
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12524
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:7944
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:18380
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10036
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:6376
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12236
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15196
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:13108
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:5488
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:8700
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15852
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:16028
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12372
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15772
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:17184
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6532
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16236
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22572
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:9288
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6268
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10476
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:18264
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:4708
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6380
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:9364
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:13320
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:17120
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:22736
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10436
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15496
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:17232
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7976
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:21412
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10824
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12116
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15584
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:21936
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:5420
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7792
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:20664
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12316
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15836
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16016
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6728
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16268
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10688
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9208
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6164
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12300
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15268
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:23376
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4436 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:2044
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6500
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10212
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12756
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12212
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15812
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15912
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7984
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:21404
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10060
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6296
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12164
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15216
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12692
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:5396
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:2620
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15844
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:4628
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:2492
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16936
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23328
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6776
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15568
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23384
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9348
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16224
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23232
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:1612
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:16364
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:21952
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:4588
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6544
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10804
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:23264
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12108
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15316
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12872
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:7992
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16316
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:21972
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:10044
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12896
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12244
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:14900
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12788
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:5460
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:8500
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15576
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23368
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12412
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:18612
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:6696
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:18396
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:8692
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:18420
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12076
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:15156
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12964
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4076 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3408 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1136 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:5208
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6184
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:5088
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"8⤵PID:21384
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:10420
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15000
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:12584
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:7444
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:16324
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:23304
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:9432
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15936
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:2192
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12252
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:17108
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22756
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:5344
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10292
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:23256
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12140
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15796
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:21996
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6760
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:18340
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:9340
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16252
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:23320
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:2748
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15556
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:22788
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:2204
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6336
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10912
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:4156
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12084
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:17128
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22740
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7880
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:18348
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10068
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:13092
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12180
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15208
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:13140
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:5404
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:9116
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15592
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:21928
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12324
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15052
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23272
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6752
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:18388
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9304
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:17708
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:22768
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:11200
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:18256
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2636 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:5204
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:5368
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:5004
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15944
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"7⤵PID:15984
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:3688
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15788
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15520
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6648
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:6264
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:9480
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15920
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16012
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12068
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15140
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12920
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:5352
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7680
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16332
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:23224
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10276
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:23668
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12148
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15292
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12744
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6784
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16004
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15884
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9320
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15976
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16128
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12292
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15132
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12988
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:4704
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6240
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10220
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:24020
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12188
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15116
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12796
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:7568
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:17724
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:4512
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:10284
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:8952
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12156
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15280
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:13356
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:5436
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:8132
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:18324
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:10796
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23100
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12132
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:14924
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:2816
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:6720
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:4012
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15820
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:21988
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:9048
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:18404
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12340
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:18272
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4044 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3564 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:1784
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:6328
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:10812
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:12124
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15472
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:15988
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:7908
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:16292
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:23312
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10192
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:22584
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12172
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15464
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12924
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:5412
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:8660
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:20656
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12332
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15996
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:17200
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6744
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16472
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9280
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:17136
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:22800
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:11284
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:16352
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:21960
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:3652
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6256
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:9404
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:3500
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:11212
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15452
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16024
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:7728
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:18552
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:10052
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16340
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:22180
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12228
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15780
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:21852
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:5468
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:8564
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:18332
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12396
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:13384
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:23296
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:6688
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12552
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15248
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:21920
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:8524
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:16260
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:21868
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12388
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:18280
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3756 -
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:4944
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6248
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:10900
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"6⤵PID:8180
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:12100
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:15300
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:13228
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:7532
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:18372
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9512
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16276
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:21876
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:11192
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15172
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12812
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:5388
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:8540
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:16284
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"5⤵PID:23240
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12364
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:16716
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:22880
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:6768
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:16300
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:23248
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:9312
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15240
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:22620
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12052
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:14844
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12768
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵PID:1580
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:6520
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:10228
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12196
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15272
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:12828
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:7900
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:16308
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:23820
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:10076
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:6200
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12220
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:15148
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:20692
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵PID:5452
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:8668
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:15632
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"4⤵PID:9672
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12380
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:15168
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:23280
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵PID:6704
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:12560
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:16748
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:22548
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵PID:8728
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"3⤵PID:16488
-
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵PID:12356
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵PID:17716
-
-
C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\c7f57ec48780dddb979b894f7e7b1310_NeikiAnalytics.exe"2⤵PID:23636
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\norwegian kicking hidden (Karin).rar.exe
Filesize1.1MB
MD5fdf039f620af84aee2a6d5980cfd8b25
SHA14a69567725ed44705875df2c184df43a9c054f83
SHA256e6f339a3b8b3f3de2a761036847219debb1d67d9e367b1878c61cf8ae623f52e
SHA51259e65dfe7cd753d741eaa8c9d165bc2320954178312109a0717feb52916c168fd7e92cfbdf5ffd481bdeef041d7b2b3e97f90d13293b9a9f392b3017058af6a8