e5fa60aed03eafa674a66ffdd524ac84b1be61a88e3841532d53df0eb49ee628

General

Target

47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
Size

129KB
MD5

47b06208faebe90e81018b2a4c35a6c0
SHA1

a53456fa75d5ac0da0f1ed66650181c515636998
SHA256

e5fa60aed03eafa674a66ffdd524ac84b1be61a88e3841532d53df0eb49ee628
SHA512

24dd78d9f8d3ab9bce0cb3b553385d69496b294ed7554957c2912a4bea1615309289696c5ed91121e99dbd94feeb86a63e08fd3a5d1e184ee426f40ebb9a40df
SSDEEP

768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c50KPKs:/7ZQpApUsKiX26KaN

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (518) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_babypink_Thumbnail.bmp.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InputPersonalization.exe.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msader15.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576_91n92.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7z.sfx.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\he.txt.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\tipresx.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcfr.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsound.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadox.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ja-JP\wab32res.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\it-IT\DVDMaker.exe.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\it.txt.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\HandPrints.jpg.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hr.pak.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\perfcore.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7zCon.sfx.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcs.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nl.pak.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsen.xml.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaprsr.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\jsdbgui.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfrash.dat.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaremr.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\it-IT\WMM2CLIP.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nb.txt.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\fr-FR\msinfo32.exe.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\msdasqlr.dll.mui.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fil.pak.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsdebuggeride.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\License.txt.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\scene_button_style_default_Thumbnail.bmp.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\WMM2CLIP.dll.tmp	47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\47b06208faebe90e81018b2a4c35a6c0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1544

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp
Filesize
129KB

MD5
767e2b70db075a4d426e3c469323e31c

SHA1
0ffe4eaf5b80a9a66aa9166e4aa89ce2609328a5

SHA256
6edf3ad0d0a126b072e195a4f21e288a29ff266944ea28c439566030b801cecd

SHA512
afd407ceeade1671f53b084ee7f9bd59bef6fcee477d4609c99c7059ae3256cdb6cc50a9c19f639bfe52071aa19d81d4f9eb82e3b282bbe21fbc1739613f7541

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
138KB

MD5
fe50771ef788990e826a6a22eed9e2ce

SHA1
67eb443d5ccd2640eb316b19a6c959eb5e188d79

SHA256
39a1b1f465c0fd4c2620a1a2a078c4ae4c72a1300aa2b54356a0c307a0c7c313

SHA512
2c35057f1573b4c39fff0f2323bcc2ca8b0a9f49476b07b86589be227929d43deec59d04ed7d848f156f8a9bdb122b2f6d02611192b963b96e5118c57c99d676

Download Submit
memory/1544-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/1544-70-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads