d380cb6fb23f6a9a5ffd35fcd936254f628f9f47dfc356f4bcade680d74cfbd9

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
15/05/2024, 19:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
Size

83KB
MD5

23d81477b6b5a2f4e66494d919f96240
SHA1

81148534effa6be636c71d99d9488b06bd4ca1cf
SHA256

d380cb6fb23f6a9a5ffd35fcd936254f628f9f47dfc356f4bcade680d74cfbd9
SHA512

abe046a54d2ea328e7c85990803bdb29f416cabf98194f3872b6146869d081cff159fc9a21d2ee3e351462e1978cd83aca36f1a1997a1df9b16f9f9c1cdfdbcd
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/X:6e7WpMaxeb0CYJ97lEYNR73e+eKZX

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3486) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\System\ado\msadomd28.tlb.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\css\weather.css.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\More Games\MoreGames.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\COPYING.txt.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\1047x576black.png.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7MDT.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\clock.html.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\ja-JP\MSTTSLoc.dll.mui.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\he.txt.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Net.Resources.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\bn.txt.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\de-DE\JNTFiltr.dll.mui.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-io_ja.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.IO.Log.Resources.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Entity.Resources.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\ja-JP\TableTextService.dll.mui.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\js\localizedStrings.js.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Adak.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\libGLESv2.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdvdread_plugin.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\fieldswitch.ax.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.Design.resources.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Web.Entity.Resources.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\it-IT\gadget.xml.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-full.png.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\dependentlibs.list.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\WindowsAccessBridge-64.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-2.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\ja-JP\msoeres.dll.mui.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\or_IN\LC_MESSAGES\vlc.mo.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.attributeTransformation.exsd.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Sitka.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\am.pak.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll.tmp	23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\23d81477b6b5a2f4e66494d919f96240_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
83KB

MD5
c35142f1b7c42967b4ec251e967b94cc

SHA1
5fe9594b1bde38577aa5ad55a3e6129c793a5cbd

SHA256
ff8210d5467711b7a8af286a70594244961e7ca92ef27c42e62731be580e3a3e

SHA512
9b8e572728ec04882fdfe11a7fb3773a9bbf3619e9f685c84091845a2f17ec39984be354b32803e64fdfcabf143c77fd16c20f4a54a80dad1aa43a3b62d7094b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
92KB

MD5
939f79e9fa5fc0b496548af73b74f577

SHA1
715272d34f9b20ec1668d97ceb9f9219b661d095

SHA256
47c00e8fc7ebefe012e63bd8864d48a3e89424b96cbdf08c89a67480f8448e9e

SHA512
b46d41cfdad2da639ad308d7dd5d90f4a2408a0fce5ef5958fb91e84dce9603d2d2bb7b1ae4d3b8451ebba6d8f2b60478e0f180253ed013e72c00d038036709d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads