e5384fdddd0cf77f8f1e6872fee44c51981a112094d8616152394e5235347426

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
15/05/2024, 17:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
Size

66KB
MD5

0b55cb2095a89d0f51b9a4acb5a446a0
SHA1

d9eeedba65d5dde2be54e31889564b44b2080a8d
SHA256

e5384fdddd0cf77f8f1e6872fee44c51981a112094d8616152394e5235347426
SHA512

70f8696790171617fab5937804784e1c8511ef7fef2b416a00b3b29f802a1585369f2a01132cb43a865181cf7009ba52ceb981fcb653537975495968d2077177
SSDEEP

768:W7BlpDpARFbhYQkQjjLaManvFNFO/Ms5Ms2Fnj28/8UMWMtb9IWW0DiDyrJfs6fs:W7ZDpApYbWjCDOgj28/8vhtbQ

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3657) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.DataSetExtensions.Resources.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\skins\skin.dtd.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.ServiceModel.Resources.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7Handle.png.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\css\cpu.css.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\js\RSSFeeds.js.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\heart_glass_Thumbnail.bmp.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\awt.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.resources.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\msoe.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waning-crescent.png.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-tools.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kuala_Lumpur.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\web.xml.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\libvlc.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jmc.ini.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\Chess.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\css\weather.css.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\gadget.xml.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pt.txt.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server-15.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-core.xml.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_zh_CN.jar.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-print.xml.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Linq.Resources.dll.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\css\picturePuzzle.css.tmp	0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\0b55cb2095a89d0f51b9a4acb5a446a0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
67KB

MD5
26dc302767928c9f3e2712aa9c4bff8f

SHA1
7036400b00216c49ec04bd9abf6f4359db0be152

SHA256
50b057069a0e85998c3fb208786e0fa77f583f127e8abe9848f252e9787f4d26

SHA512
f1f6cec4dbe404e8e250e338c5d807c54e7f44e2644bc5356b09fa7cf2765e2257904ef3b1d8c2c5218e50da30a9b083b90e3bf0f7a54171591d2e5198c0edae

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
76KB

MD5
0d02faeba84b150de85ad5cc332ad23e

SHA1
5d3f6061046a6fedf8c6db1ad12f9486e7594536

SHA256
2e511dd9c394a877635bc9f281f11327eed8aa12f732226353b85f224af0ae73

SHA512
1c7b6bbd7d526189552e54933f8d27b4b91468fc5b4863e4d3d276ca93cc96d345d3d610fe541ed101188b43e7ecf6863d6964c6836e89a768c2c3d8c59a96b8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads