39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
21/05/2024, 10:49

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
Size

83KB
MD5

3f564d4e39048ee981bacdd246dba2e0
SHA1

d2e3093c3851bb4aee4c8d659457e76c88eabc86
SHA256

39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7
SHA512

bf528867267a903591dcf5c81243b9e7dbdc396e5f74ab74746d02fb774a04641a82bc2f887e2caf472fa7cee905ce7fe342388836ab8aad35302273e7864a4a
SSDEEP

768:W7BlpDpARFbhYQkQjjLaMaqMs1MsD/WGy0OufxPGSxPGJw5c5ZWfdJWfdpMs5Msq:W7ZDpApYbWjnWf05PG0PG26f0J0/EL

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3694) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\picturePuzzle.css.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jaas_nt.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\it-IT\Hearts.exe.mui.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\on_desktop\slideshow_glass_frame.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground.wmv.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\splashscreen.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\gadget.xml.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\IPSEventLogMsg.dll.mui.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\README.txt.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.properties.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-uisupport_zh_CN.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\osclientcerts.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_pressed.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.xmi_2.10.1.v20140901-1043.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.nl_zh_4.4.0.v20140623020002.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Hong_Kong.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\LICENSE.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_wer.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-uisupport.xml.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.Design.resources.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\SuspendResume.mht.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipTsf.dll.mui.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\WMPMediaSharing.dll.mui.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Moscow.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IdentityModel.Selectors.Resources.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradfun_plugin.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services.nl_zh_4.4.0.v20140623020002.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\orbd.exe.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Asuncion.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libglinterop_dxva2_plugin.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\ConfirmInitialize.vsd.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\en-US\PhotoAcq.dll.mui.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\css\settings.css.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\settings.html.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Qyzylorda.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\license.html.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedbck2.gif.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar.tmp	39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\39d0edbb5e414c637cf4bf2d0b5767a485c4de3d93f452cac7ce747e347d8fc7_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2184

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
83KB

MD5
26ec49c8fc8a2fd83dbba2a5d90b6f13

SHA1
eba27dbd2ced29b35ed62f40fba098f3d12a83f7

SHA256
ca7897d8d3eb8dfc70f1148987e945043fe0765d1883d929558ed2a8db091bf3

SHA512
3a1cb97e4cf7e780401d20d76d4905bbe18b23cdd2b8dfc06b7a94a16b52ba019d5848305e12ad40171b3e0c4150e74785fe503a9ad40aa608105d226c006dbf

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
92KB

MD5
c9880f2fd28aebf6949a154c62ee11f0

SHA1
3b89793fc5dd49dfea661da3bdebe1cbd40f07e6

SHA256
4bee1b9560aae751de50446607b5d6a6841174d0034f454ae2d609d19d0ad269

SHA512
47ebf8e9fb0891d5bbf7fa6c203d263f9eda4d6e4a84ef021dc261883d75bc04f1acdac056b1ed9c978ede2688d522b1fc8258859b00dd724f7c7e197c2e3076

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads