cebf909f5070f4d3327249858a14a8301190a1fe2e4ffb75db3f3c21e16716e6

Analysis

max time kernel
149s
max time network
123s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
20-05-2024 09:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
Size

89KB
MD5

c8f41c7bc4b8bf127b65d199549632a8
SHA1

8c388dbc97c5d661dea77a3748104ec54bfea098
SHA256

cebf909f5070f4d3327249858a14a8301190a1fe2e4ffb75db3f3c21e16716e6
SHA512

2e3fb376945c68b9c942f9c0b8a34d6ac84203de4f161b2e5891849fa35fea15113f980152cb7bb3d83a7ee11c9058495ab9bc578e73080fe2934be47bcefa60
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhs:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsh

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3259) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Maputo.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ui.ja_5.5.0.165303.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.analysis_3.5.0.v20120725-1805.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jmx.xml.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\Welcome.html.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\about.html.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach.zh_CN_5.5.0.165303.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\es-ES\shvlzm.exe.mui.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Soft Blue.htm.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console.nl_zh_4.4.0.v20140623020002.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Reunion.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\freebl3.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Dawson.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Curacao.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Mahjong\fr-FR\Mahjong.exe.mui.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IdentityModel.Selectors.Resources.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.commands_5.5.0.165303.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bg\LC_MESSAGES\vlc.mo.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogo.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\date-span-16.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.RunTime.Serialization.Resources.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\macTSFrame.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jawt.h.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jabswitch.exe.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground.wmv.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoDev.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Lagos.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\cmm\sRGB.pf.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Noronha.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\firefox.exe.sig.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+6.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\core.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libuleaddvaudio_plugin.dll.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core_0.10.100.v20140424-2042.jar.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\EST5.tmp	c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\c8f41c7bc4b8bf127b65d199549632a8_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1964

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3452737119-3959686427-228443150-1000\desktop.ini.tmp

Filesize
90KB

MD5
28652de978d2c8762083df6da30a1351

SHA1
3508aa682e0b71f580519e76717f96031877b672

SHA256
f6328f325cff7cfff929eed2ffc5b5f357695f1206eb7674b0f6f38922bbc900

SHA512
d6c4a0369620fed871088dc825104f1864b3313dc2cbe729c19747d7aaa5496aa883fb6f36d9afc401459d9b1270962946e91eb07c2e14c91a408a20033d9ad7

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
99KB

MD5
91f36c88e643ac21f457f40a44454012

SHA1
81235daed8e525d4b2f81957c034d0fe20d8374c

SHA256
c958cb8636d88dd450368af72cd44ab4a36ce1d9a9d6fb79f5dfbc6962879b07

SHA512
c241b4039295e1ed1d151733b627bfbb528ab37e0e27874b37ddffc50c4cf8da423124e375906346351a93e0419fd4b98447858b69587865ec41d658b20f1146

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads