cc7d7907902c4fd3ede477940645db2026f7f3ece8424dcce8ba53f48b1b8cb9

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
20/05/2024, 05:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
Size

77KB
MD5

bb6569b8ad296e65c9d4b60ef57ba010
SHA1

e3a1d113391a339f4d346a3417969a16972a3654
SHA256

cc7d7907902c4fd3ede477940645db2026f7f3ece8424dcce8ba53f48b1b8cb9
SHA512

5de6e0b67cad59a426e371d7ce4a951a89ae2e679f928f5ba4a3a1112c0db6f30bb2da19be789f55550d09a90bf3fec03a3c477890c90e7ca583da1985dee9ed
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7YWtMQQQd:6e7WpMaxeb0CYJ97lEYNR7Ztp

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3525) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libaudioscrobbler_plugin.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libdav1d_plugin.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\MediaReceiverRegistrar.xml.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_left.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\vlm_cmd.xml.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Paramaribo.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\mpvis.DLL.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\tabskb.dll.mui.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bn.pak.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Matamoros.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_zh_4.4.0.v20140623020002.jar.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\desktop.ini.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\MSOHTMED.EXE.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\css\settings.css.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\manifest.json.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\.eclipseproduct.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.ja_5.5.0.165303.jar.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_win7.css.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+4.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dili.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Lindeman.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmono_plugin.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\updater.ini.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_s.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jakarta.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-cli.xml.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\de-DE\TableTextService.dll.mui.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\icon.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_SelectionSubpicture.png.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\ucrtbase.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\wab.exe.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IdentityModel.Selectors.Resources.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\css\clock.css.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Edmonton.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\newgrounds.luac.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_ja_4.4.0.v20140623020002.jar.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\verify.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\mpvis.dll.mui.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo.tmp	bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\bb6569b8ad296e65c9d4b60ef57ba010_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
77KB

MD5
63595219372d747820b47b3affed1ece

SHA1
d2bfff553c3d4e0bd3676d40f871721092e9d344

SHA256
b84c3e8a9cf1703e11e5bcbbc45ec23f1cea9a316a0b8f0ca3a01bdc3380e702

SHA512
b6f842a758ba4df1c2633ea04e454c58936010c9d2bb2875761c8d74ce28aa1c5e3633dd0b7fb5c7902e50c2a5c0e42722909fdc957b62733ba9f24add3fd0de

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
86KB

MD5
90e4617cb9599e60965f3fe44f6a0342

SHA1
f3eeac9cec20db3afd5d9e7ae456f9b294aaecef

SHA256
4f1843ec425df986b1c32a4eeed4835dbb95062c8aea7cb4ba70bb7d73f7b91e

SHA512
ae7093ae402bf9307ccf59fd6523182906b5d53bc0fd17754853273c69d49c78d35742977bfc204b767958e53a54fafa75c7eaa853a855bfbb9186bad24c6db0

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads