10f4cb501dfaa58296ed2d20c48dcf49b094323f86132f47935cdae1f5b535e4

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
19/05/2024, 23:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
Size

84KB
MD5

5e7561aa44a7c4b23c9f588c2ad4ca80
SHA1

f787f6147053b1d3f41fdf6b7299fa43795d8c87
SHA256

10f4cb501dfaa58296ed2d20c48dcf49b094323f86132f47935cdae1f5b535e4
SHA512

6558a4e595005a982ff65f7f4f5912319cd495bd382756ede4b13c9726291c480f29035189252f352ec09066378c6e7b03c9ba77af1ee157455c27f922140586
SSDEEP

768:W7BlpDpARFbhYQkQjjLaMaqMs1MsD/WGy0OufxPGSxPGJw5c5ZWfdJWfdpMs5Msz:W7ZDpApYbWjnWf05PG0PG26f0J0b

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3430) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\descript.ion.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\zipfs.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\MpClient.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\photograph.png.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql_2.0.100.v20131211-1531.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.IO.Log.Resources.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\offset.ax.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs_5.5.0.165303.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\es-ES\PurblePlace.exe.mui.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\msdasqlr.dll.mui.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\he.pak.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.ServiceModel.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tipresx.dll.mui.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Palau.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tipresx.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Thule.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers.xml.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-startup.xml.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Services.Design.resources.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libglinterop_dxva2_plugin.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadox.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\META-INF\MANIFEST.MF.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\preface.htm.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\notification_plugin.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkWatson.exe.mui.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\IPSEventLogMsg.dll.mui.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsource.ax.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\locale\updater_ja.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Xml.Linq.Resources.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Kwajalein.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\LICENSE.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_ja.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-coredump_zh_CN.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_livehttp_plugin.dll.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.expressions_3.4.600.v20140128-0851.jar.tmp	5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\5e7561aa44a7c4b23c9f588c2ad4ca80_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:840

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp

Filesize
84KB

MD5
ea49453dc4a81db4276e1ec634c8db5f

SHA1
ea9577472122ee2a7e4a5b65f4da72ad92c07309

SHA256
fd05915063da93fd80718d1e87763024530c4a80d4e095ab9a763da1b16ba1a8

SHA512
16dde8a6446819cb0d43ed262b570e0290e4572407d888c510eb0ae45e70ff643c46e879edeeebb04368f12f2df45ae9b1f3656e4c4b2732c681956d2debe242

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
93KB

MD5
4f7ae8552ac304a1207ad6473d94d481

SHA1
fff58624a9ae74572bdfa2d9937eac5800209425

SHA256
d70ec097ad068b3e28f94cf8706932947da7dfe2ca4dbd2724b19e771078421e

SHA512
44ba6b862831824900e4d818d0ae871ccaff0427764fa6d2557ec549149dbeaf27754c2baa11fc50ef04da7a9fb70956cbd494e3e9baa05d51edafe0f7eb2384

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads