c80248212c7dad067dc33a58f519d0b99546ce14bfeefb7e77a51e85de716930

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
17-05-2024 07:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
Size

126KB
MD5

d01ec0d1eb66f3d3377f91d23b4a9b90
SHA1

b093e5691ba27d814e7a3ffb8a8fc4720eb6e222
SHA256

c80248212c7dad067dc33a58f519d0b99546ce14bfeefb7e77a51e85de716930
SHA512

2cc2083cd17d2108040ffd481faff580dc40cdcb023db4bb8129ea997f5ff86d6bae56064f60e955693a9367cecbc86c5ab712d294f84bd2f64bc3a618c25c5d
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVz0:RqlIyFESWu0SWuGSwx/

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (512) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\fi.txt.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_SelectionSubpicture.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_wer.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\el.pak.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\ieproxy.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipBand.dll.mui.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_1.emf.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdarem.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\en-GB.pak.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fr.pak.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\lt.pak.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdaremr.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdfmap.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\rollinghills.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\extcheck.exe.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\ja-JP\DVDMaker.exe.mui.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_SelectionSubpicture.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\el.txt.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IpsMigrationPlugin.dll.mui.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwruklm.dat.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPOBJS.DLL.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\de-DE\msader15.dll.mui.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_ButtonGraphic.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\SecretST.TTF.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadomd.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Common.fxh.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado21.tlb.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\d01ec0d1eb66f3d3377f91d23b4a9b90_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2076

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
127KB

MD5
38f4c5febaf0412c703c0f5f69e3391f

SHA1
69d237f0de6c984bc626cd2e9c8b25aababe76f9

SHA256
8a3adcad891d47da777b05e48b796fc908ee05d52373026f4aef38cbea93b95c

SHA512
aa7a79da9d48a1e3a5a1cfa9f2e2be6e5e8db2be027585a9d34b6174731abf7104adcdc9dd0a4b1535fc7c665b2ca67213ba4a54e444a4dc7c4a80376f02438a

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
136KB

MD5
0f574d8fc2f3a7ff7bee2b776b724fb6

SHA1
77545be0999a11a6fb5955abba1b07f28751e74e

SHA256
3634e3e6e7871a79f8118b3afa4cb38d7c403f1e9e8f7f627a369900d81ada82

SHA512
6572b7f3d4447a3e8b3223ee98a91670b719396a3d31c26f776a7d43e806747d068832e20826cb843b04448f8fb7ed29ced3e72211ef299fbd7b09ce739e58f8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads