cd92dfde4955a24f35e8359f972e2401a0493988b4fe44fc35dbcc82800f0596

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
16-05-2024 14:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
Size

76KB
MD5

e20d616b325d43abf6e538734cfd5b10
SHA1

ef0ac19d1bbff5f9f80db0ee57662c19f1635526
SHA256

cd92dfde4955a24f35e8359f972e2401a0493988b4fe44fc35dbcc82800f0596
SHA512

9942e4d0272599e9d58975bea9f83d3826c6a09e6c9b7f539c5cdee024855697e4a46e2719cb2e829addc2493c32415afcf1b6b8a4e7ab1cfacf8d33ca43de59
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/fcicG:6e7WpMaxeb0CYJ97lEYNR73e+eKZf

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3449) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Notes_loop.wmv.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\libvlccore.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\js\calendar.js.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonDown_On.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\oledb32r.dll.mui.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-tools.xml.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.Printing.resources.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\ja-JP\cpu.html.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sr.pak.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\flyout.html.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\js\clock.js.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\cmm\GRAY.pf.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler-common.xml.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\en-US\ShvlRes.dll.mui.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaireMCE.lnk.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\install.log.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.htm.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management\jmxremote.access.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\La_Paz.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_h.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\he.txt.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Dawson.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Oslo.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\liboldmovie_plugin.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcer.dll.mui.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-attach_ja.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationRight_ButtonGraphic.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\en-US.pak.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-api_ja.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\PST8PDT.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_ja.jar.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\gstreamer-lite.dll.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\firefox.cfg.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\e20d616b325d43abf6e538734cfd5b10_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
77KB

MD5
0272ac800e7f9fba2b4314c35a1d3f4d

SHA1
e0a7ed6d77c15a89675949bfccfe29ba283cde57

SHA256
91912d44479a94d1df0c265d71210ab9d95634d46d44127fea28be20cdb3fcf4

SHA512
c23b5bee82397f776b05813d880f691f58d0f78024bda4ce747ad391d9423cc572d8c2fbc16f778bf62bf5b3fa5c99b7925b7b886b6b820da725993e7f5ddc59

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
85KB

MD5
0eed6539c71442b3311a59d235be8426

SHA1
c1168a999fa9ac70125f356519dbaae9b7df66eb

SHA256
6ad08304d056b38dcbce86de8f308ea1a45702116c7494de65132b08e46d30aa

SHA512
6fc43588aa85627021d0542382eb0ac44f068e19d6647a2d464daf49b1770d2f19fa5c39dcf71cb23744b4829140592de279c03293d1b4fe5673c65bc6077b12

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads