96c94146bfabd962276fb22fa36641a3f6a931de2ccd9b6950e9f577f050a504

Analysis

max time kernel
150s
max time network
125s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
19/05/2024, 23:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
Size

82KB
MD5

5c266da047f2376dbc461aa4e3014aa0
SHA1

a0e9b2802df8ef37f3a78c716c6dac745fbb10de
SHA256

96c94146bfabd962276fb22fa36641a3f6a931de2ccd9b6950e9f577f050a504
SHA512

36c0a73dea85536cf468f1a9e39d61044b520bdd6bacd5cebd7920d50042d2e2a1ff77f34af0d756503626521d06897496125fb0079944ded9c7582092c0a951
SSDEEP

1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76Rb/O:6e7WpP9oVLQthbYY9oVLQthbUvd

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3514) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\css\currency.css.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\es_MX\LC_MESSAGES\vlc.mo.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InputPersonalization.exe.mui.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi_3.10.1.v20140909-1633.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Macau.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\ShapeCollector.exe.mui.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.Client.resources.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ks_IN\LC_MESSAGES\vlc.mo.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\gu.txt.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\jnwdui.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\gadget.xml.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-search.xml.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\es-ES\TableTextService.dll.mui.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Legal\ENU\eula.ini.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\chrome.exe.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Tucuman.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\win32_LinkDrop32x32.gif.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_over_BIDI.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\default_apps\external_extensions.json.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\charsets.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_SelectionSubpicture.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pl.pak.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\RedistList\FrameworkList.xml.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\wmplayer.exe.mui.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\css\localizedSettings.css.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\de-DE\OmdProject.dll.mui.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_zh_CN.jar.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-multibyte-l1-1-0.dll.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-icons_222222_256x240.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nl.txt.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\clock.css.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\reveal_rest.png.tmp	5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\5c266da047f2376dbc461aa4e3014aa0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2384

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
82KB

MD5
d479575ffbb760550b46bfca28c86fea

SHA1
4cb30f1aecb6f9c58bf76529470477c64946723c

SHA256
b2725d34baf96615477f93fa2d430df974da3229e7624c87d17c008af9dda160

SHA512
cfadffefecb5024b11c26c3ee9f4fa51d60db82eabec4608a60368ac3cda9b2354d90cb820bdb2154078d20ad38ce9e5d737ab489692a9a9a0ec279c18aad4b0

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
91KB

MD5
8044147e014c01fe8a6ba8ec0dcb1aa4

SHA1
c827adbbe4f88f332262d78e8a32b9da46ff4078

SHA256
037736b011746861852cfc2457e79dc50f1dd10587cbb1d0af92539181baaaa4

SHA512
a3e184f02862f734ebfca42f60a147fb5abd5c3da42488767615bfad143d2d63b3216eef026a0f65663e141880dc79b88b1e5a773c570c84fd2166922e9ff821

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads