96ffe67d45422a7ffd36be1b95608b7014d22afb4abdec76fe75c2b1b0b1fda4

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
17/05/2024, 15:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
Size

81KB
MD5

eed21ee6e2ac9b5c5e629b2031732750
SHA1

d9220105de8050644b633736f3961fec09836470
SHA256

96ffe67d45422a7ffd36be1b95608b7014d22afb4abdec76fe75c2b1b0b1fda4
SHA512

f7f5c36903fded331e44613d2be8360071dc4e7f53c8eb1daac4895345e5e4d7649fecc5cfa3906e38203e0303525f3310610b0e8d8778189376ac6c5549ec18
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/DfTfe:6e7WpMaxeb0CYJ97lEYNR73e+eKZDfTW

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3481) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-host.xml.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Xml.Linq.Resources.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\gadget.xml.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcer.dll.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Brussels.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\WindowsFormsIntegration.resources.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_hover.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\17.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\FlickLearningWizard.exe.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\ja-JP\WMM2CLIP.dll.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libdxva2_plugin.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\mip.exe.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\si.txt.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\UIAutomationClient.resources.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Xml.Linq.Resources.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\ja-JP\Sidebar.exe.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\scenesscroll.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_corner_bottom_right.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ku.txt.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\GreenBubbles.jpg.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_200_percent.pak.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Reykjavik.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeslm.dat.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Costa_Rica.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Goose_Bay.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-core.xml.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libdummy_plugin.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\de-DE\NBMapTIP.dll.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\mlib_image.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\US_export_policy.jar.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\fr-FR\FreeCell.exe.mui.tmp	eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\eed21ee6e2ac9b5c5e629b2031732750_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
82KB

MD5
fe240b61d3b35265a37c5568313c9248

SHA1
02e7ab394ba8e768c58193ead356af43d02847fc

SHA256
29c2a61945874eb786cdb8baaebf1bec97600a31ee10378b3918840890000b67

SHA512
60dedf4b872947b2da59ef75e26675e1810bae53f48ecda33fafe1210156de1659713f42b05e1eaaec42b0abb34bf68bc9186d6f5a171e1497810a32b2f79b62

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
91KB

MD5
2b0a91b2bd5b87a54b1a9e88b205fdac

SHA1
41f37e9493c2f83a9b09b0854f445228e8bfb89b

SHA256
9ba68181e4008ef8e3c711dc19b9e92559fab3535ea506d15c28b754a43cb104

SHA512
382ad9bbdebf9f23e44fa4242efad9e30b4acaeb163f42c0af41c2a73bf2805f972763021656805cecbb99b5682e69f4abd653a9a8b54671f66f8cf9dfd40513

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads