f1385d1fd8f47b3743d91cf27f933b52e7e261d6a71084e033b2863a2474a46f

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
15/05/2024, 19:39

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
Size

129KB
MD5

221799b8d68f7e7702945d5448db2550
SHA1

a65bd425f68c0d2bcde0d1f9e96736d25290cc44
SHA256

f1385d1fd8f47b3743d91cf27f933b52e7e261d6a71084e033b2863a2474a46f
SHA512

f520c9173ed7a2825406640f1c1b2487cfd8d1619dfe41d1217db18dbeadda9a21475f19db5d55f47b0a486b37d86f80c72311aaccbc61449e249b2f525d8b33
SSDEEP

768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c5jKn:/7ZQpApUsKiX265m

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3451) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\README.txt.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_es_plugin.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Rio_Gallegos.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Dawson.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Guayaquil.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\eo\LC_MESSAGES\vlc.mo.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_ja.jar.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\kab\LC_MESSAGES\vlc.mo.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Eucla.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Matamoros.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\skins\default.vlt.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadox.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jfr\default.jfc.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\epl-v10.html.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Seoul.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\PushResolve.MTS.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\tt\LC_MESSAGES\vlc.mo.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Casey.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\feature.properties.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\MANIFEST.MF.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\unpack200.exe.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jdwpTransport.h.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libx264_plugin.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\j2pcsc.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.jpg.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jni.h.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vevay.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es.pak.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.widgets.nl_zh_4.4.0.v20140623020002.jar.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ComponentModel.DataAnnotations.dll.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css.tmp	221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\221799b8d68f7e7702945d5448db2550_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-268080393-3149932598-1824759070-1000\desktop.ini.tmp

Filesize
129KB

MD5
609948ffb92b988f0c94937059c8dab6

SHA1
a7d296a0f1347a1a6b0038f74b936cb7fc0d5a76

SHA256
8a9bb4fbfea823da5aa54042f71f99b2f821b2c33b15779328ce48266c25f0f6

SHA512
b308e311dc4cbde1421d11ccbbaa7ee37e871e184c60ab887364cc42fadc0922abb6bd0b41e4c9ace7dfdf21d790e34153843b0057edba5437bc3f121d0cb234

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
138KB

MD5
55c01c896d340c24a6dea1172d9cad56

SHA1
8704bb3bab8102268a7c60530c9b1240911347ed

SHA256
cd90e41df589e5271e22cd72ebd07b71404635b47ad17b8e3afb556bb891df01

SHA512
de236e2629e9614c9402cb539161e6878f3c4430d6022a19b5ee7ec2f6a1a808ccdce9477b2fb26d0893a71df3767e06e7b60f16efad9dc566c4d3d26dc1a431

Download Submit
memory/2916-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2916-534-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads