Analysis
- max time kernel: 150s
- max time network: 119s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 15/05/2024, 19:39 UTC
Static task: static1
Behavioral task: behavioral1
- Sample: 220ce25c714cb4289254e39dd00718b0_NeikiAnalytics.exe
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: 220ce25c714cb4289254e39dd00718b0_NeikiAnalytics.exe
- Resource: win10v2004-20240508-en
General
- Target: 220ce25c714cb4289254e39dd00718b0_NeikiAnalytics.exe
- Size: 143KB
- MD5: 220ce25c714cb4289254e39dd00718b0
- SHA1: a459f837cc8be4bff006b3387ca456210d03079c
- SHA256: 0045949150a4f7514a47646a734bd11f2b55110fcfa460eab9baef59ea283540
- SHA512: 3e8117769133fa70895c58c6c5529d5c992ea5ac7f473140681d1c849bfce6ba1c90b77ca52e8736c0392f5728ffadfa4ab2a04a68081b8fd003efc79f5c2b57
- SSDEEP: 768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXBvjfMfvjfMMfQsblBOo:/7ZQpApUsKiXBvzwvzXJvlwJvl0ey
Malware Config
Signatures
- Renames multiple (3143) files with added filename extension
  This suggests ransomware activity: encrypting all the files on the system.
- Drops file in Program Files directory (64 IoCs)
Downloads