daa984f0b853f348735a675699197737aee9b68f271aaba6f26ec604cf4478b8

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
17/05/2024, 12:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
Size

72KB
MD5

ec9afefb21fa001a092fc511969bd2f0
SHA1

7ddbb31098b017419da5741fae3ad997b6bb1b67
SHA256

daa984f0b853f348735a675699197737aee9b68f271aaba6f26ec604cf4478b8
SHA512

d4db22d0cb2c2043145b0d0687a165488603663f3b4441a71acc3c68e81ea3e3b8e0773010695b20e4ae2a1302fbb229ff292d035715bcfe7cbe99ec8f80f6ab
SSDEEP

768:W7BlpDpARFbhYQkQjjI6OvSox/6Sox/hotyuNwewpY9F9N/:W7ZDpApYbWjIlE77uNwewq9x

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3458) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\lib\zi\America\Tijuana.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Qatar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\js\calendar.js.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\icon.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\PresentationFramework.resources.dll.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\msdasqlr.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\shvlzm.exe.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\error_window.html.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\36.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\de-DE\WinMail.exe.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_s.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.zh_CN_5.5.0.165303.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_zh_4.4.0.v20140623020002.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.Client.resources.dll.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libidummy_plugin.dll.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rss_headline_glow_docked.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sendopts_zh_CN.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pa-in.txt.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkObj.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\de-DE\msader15.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\South_Georgia.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\delete.avi.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\license.html.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Galapagos.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\localizedStrings.js.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libt140_plugin.dll.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnssci.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\TableTextServiceSimplifiedZhengMa.txt.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\private_browsing.VisualElementsManifest.xml.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Web.Entity.Design.Resources.dll.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-annotations-common_zh_CN.jar.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\de-DE\ShvlRes.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\en-US\shvlzm.exe.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\fr-FR\jnwmon.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\WMPDMC.exe.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\es-ES\SpiderSolitaire.exe.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\ja-JP\jnwdui.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msaddsr.dll.mui.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Khartoum.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\win32_CopyDrop32x32.gif.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\OmdProject.dll.tmp	ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\ec9afefb21fa001a092fc511969bd2f0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
72KB

MD5
aaa48625b2ec2f087eba9a4d4ae357fe

SHA1
09037c0a5a73288d8d5971879f95bb4ae80a0204

SHA256
91166c0d68f40063f7a98b8907fad54296bf9828bc273552494cb1a739b28999

SHA512
bc55fedcc5095363317868ee7fe43d6e86a69a494bd61208eb2642cc9d14b8d3108705ce72fb8adaecd472143ed79eeb64fa4e73d7ede950ebaf2fc939e09e89

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
81KB

MD5
f662d304fcad39559559d1bc9ce16cda

SHA1
dddbd9b7ff585b669c54f5b278067cf46b1dc034

SHA256
f081d0006cc3f710ba4c8d0dea0f3b1bb22a93a920b58a2db254544129361be9

SHA512
bb468517b292a716119174e7afe4e999052041c807f36d75e667bdf1b43c8b5a6b6853aa07633eadd9f707467fed186629382465ec4762b875059d08719b4cfb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads