82df309fbad31e3d4fa91ba38d525a9652778a4cec7d8ba2cc97766678c75131

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
17/05/2024, 03:59

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
Size

132KB
MD5

a14def1e62cdcb424ef122fe530dbc80
SHA1

8178634b7da8c1b994186915b2f770c41c252b97
SHA256

82df309fbad31e3d4fa91ba38d525a9652778a4cec7d8ba2cc97766678c75131
SHA512

a864ce1959572c88bc30ccae698ed78e59fac5f031ca74657735477d3e173c20b17aa5bd284356b03d59f95812f3c769230eba0f9d439076489f40dc491b5448
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzL:RqlIyFESWu0SWuGSwx4

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3433) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.nl_zh_4.4.0.v20140623020002.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Canary.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\nl\LC_MESSAGES\vlc.mo.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\micaut.dll.mui.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstat.exe.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\spu\libremoteosd_plugin.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator.nl_ja_4.4.0.v20140623020002.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\server\jvm.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libvcd_plugin.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\skins\skin.catalog.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_ring_docked.png.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\manifest.json.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaSansRegular.ttf.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InkObj.dll.mui.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\ZoneInfoMappings.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Web.Entity.Resources.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_ja.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-io-ui_ja.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-1.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_smem_plugin.dll.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4.ssl_1.0.0.v20140827-1444.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Mahe.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Campo_Grande.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chuuk.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\wmpnscfg.exe.mui.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ps.txt.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ja_JP.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Bears.htm.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Marquesas.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs-nio2_ja.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar.tmp	a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\a14def1e62cdcb424ef122fe530dbc80_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
132KB

MD5
ef3b506c206bfdd2c8cc12eea9a75f74

SHA1
e526b5fe8362138ecc46e1b384fcf2946743c4b6

SHA256
3b0cf3a33e3faabfe9105bce57740d8a36cf6ba14ba77fcb63e8fa073c3a94f2

SHA512
d33a3ec66fb394fbf3a694a9bdf54fc539c09c88d75c8024121aba800602dc7213924e7b3a8b874aadeae90762a08209493a5d3b88a8d8e93ebf0637f977e9b6

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
141KB

MD5
28e96ce0c7e7f9fce33829cd989a8c9b

SHA1
2a5158f4770e49ed08800e9e35391f3946073790

SHA256
0da37857194a3f9acfcabc015c20fb7eed2896e26b429d89d65d926593dd067c

SHA512
861cd996446c832a5968245b0f773c0fbc453506a1ec85e1f15dacb8a7924519cbb49096894c53b5fed03153a6f18d8a1288b0b79194f3523d242cb9cb69665f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads