996c84026ec238190737482749ad1d89f20cb52c0db39e6d5e5892f26d635750

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
17/05/2024, 08:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
Size

119KB
MD5

e0e53cabb619a8fe80a778399c8e7830
SHA1

d2c359a402f845425e00db18e76eca0f7084666f
SHA256

996c84026ec238190737482749ad1d89f20cb52c0db39e6d5e5892f26d635750
SHA512

e79b24138e976e0b59c818c1ff09bbd2f85a991d8cb2e6393f809f809d747bca0aa283aa95580d5211b03d69465b7e5ba333e346b046254fa79c0d2165857b7a
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzv:RqlIyFESWu0SWuGSwxk

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3439) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\readme.txt.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\cgg\LC_MESSAGES\vlc.mo.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_zh_CN.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_m.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\css\settings.css.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ia\LC_MESSAGES\vlc.mo.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\css\calendar.css.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sampler.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Brunei.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kolkata.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_h.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.lnk.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\desktop.ini.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\Microsoft.Build.Engine.resources.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\ja-JP\WMPMediaSharing.dll.mui.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\alt-rt.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_a52_plugin.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\ja-JP\OmdProject.dll.mui.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\am.pak.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado15.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yerevan.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\oracle.gif.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\brx\LC_MESSAGES\vlc.mo.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\css\calendar.css.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\RELEASE-NOTES.html.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libscreen_plugin.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\UIAutomationClient.resources.dll.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_diagonals-thick_20_666666_40x40.png.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ja-jp-sym.xml.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\es-ES\MsMpRes.dll.mui.tmp	e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\e0e53cabb619a8fe80a778399c8e7830_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
120KB

MD5
5df0d0252bc440abe6cb6016f71cb4fa

SHA1
a3938d447bf5942c2ff392c502f073bb1f0064c2

SHA256
2f9041386d070d6abaf678dabb365a110dab9f5077c5091539b1bc21612f886a

SHA512
752c3795d545684338c28b4535a11334eac5e7066fead23279a329a983051f1229ec404444b4aac134610264bed3827d5d6a3b7bf25b8ff5296eca50f2c5d039

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
129KB

MD5
5003f7c3973cf18228644d96409ef4d6

SHA1
2d09a7e337884623311343f0ce21c8ecb68f6095

SHA256
f63f7683fbc129dfb271f2ac26ea0e9d47776874db46692af211756ed6a40b83

SHA512
a482e7eba0ec822b7539f20fb5f72ff1fb6a58bba370543d49c8a2a6d8ea0c8795c0439bc95df185f39f162c124257d8e84e5a517caff8461d8f5847f648c0f0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads