fa3e9d72b87b741ae47b302744b7052960971c3a5b3239a28cbddcb3322970a5

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
16/05/2024, 12:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
Size

73KB
MD5

de3af611acfde40447f6ae237af3e040
SHA1

9d2a4a6dea613ca9641697d9b08500c2f51b9988
SHA256

fa3e9d72b87b741ae47b302744b7052960971c3a5b3239a28cbddcb3322970a5
SHA512

a6162eb1d58cc9baf369b4d0bc5d9b0409d3d85b70d907963d4a0fa6a7cfe737c62f78cd81b933af2ccbe57cbc65df47b36fb3b50e719c8b6a04cad0452ccbd8
SSDEEP

1536:W7ZDpApYbWjCDOgj28/8HtOe+ec4X14XE:6DWpeDOKkHtOe+e3eE

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3433) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_zh_CN.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyNoDrop32x32.gif.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\offfiltx.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libcdda_plugin.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\yo.txt.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\de-DE\SpiderSolitaire.exe.mui.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Louisville.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.servlet_3.0.0.v201112011016.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management\jmxremote.access.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\lv\LC_MESSAGES\vlc.mo.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Shanghai.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\JNWDRV.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tallinn.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-stdio-l1-1-0.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\org-openide-util-lookup.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Christmas.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\en-US\ChkrRes.dll.mui.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\cacerts.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-ui.jar.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ka\LC_MESSAGES\vlc.mo.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jvm.xml.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\libEGL.dll.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Port_of_Spain.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-13.tmp	de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\de3af611acfde40447f6ae237af3e040_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
73KB

MD5
b4f99ba08874b3e71a33f085441a567d

SHA1
f32e3f078d657dca92e0d85ab8398fbdd1bfa38e

SHA256
bad5b80bf9402cae117a6008f6673793314203443964a26b67d940b9845ba45f

SHA512
6836dd922e36892df9b61c01a9f3422b54449e62c30d5d198d98845e4ed3a912083d4846595f4b7ed94a0f17a71449745468afba4710e2055e860156fd73891f

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
82KB

MD5
43e005992d65d9e91450d5c4f8d2aac6

SHA1
154ee93cd6dbb2590ca584fb6a73ed9c83f4098e

SHA256
7515dd27e98e21deb4802067ca40c8ae9a757fd508c4d4d7fc41afdb0a09a8a1

SHA512
b849dadc316fb1f85686b3a64f38bc79c3a304ae7794fabbe3b9d731f4465402e2aa8010d89206ea3e2ae6cf7f80008adcdc1b8f801425ab01b7cf26e6f8bdf6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads