ac502333cc0c2f325fc35116bc2c85db2be9119829fefb50b561e444162ef85c

General

Target

3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
Size

95KB
MD5

3b23f3352d6ae7770eb59a3f53954d10
SHA1

9025feff9cdd71b4306619623c3f295647c4db47
SHA256

ac502333cc0c2f325fc35116bc2c85db2be9119829fefb50b561e444162ef85c
SHA512

9e8460fe4b6642396ae4880a01f2d026d6e450f29272c1deeb976f7a1b2c3618c0c06a8503583ab085b0c3fa85b0a5f3eda25d9b9c6ebb10ddcee24d46b443ad
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPNe0A0/:6rWpcOPxPke+e3fFpsJOfFpsJbgEU0AU

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3460) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\7-Zip\Lang\ne.txt.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\mozavcodec.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\PresentationBuildTasks.resources.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\fi\LC_MESSAGES\vlc.mo.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\libxslt.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins_1.1.200.v20131119-0908.jar.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Eirunepe.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\desktop.ini.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jfr.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Stanley.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\modules\httprequests.luac.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\en-US\OmdProject.dll.mui.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Ojinaga.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ta\LC_MESSAGES\vlc.mo.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_divider_right.png.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shades of Blue.htm.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ta.pak.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.sig.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Mendoza.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santo_Domingo.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\wab.exe.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ca@valencia\LC_MESSAGES\vlc.mo.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\meta\art\01_googleimage.luac.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\rockbox_fm_presets.luac.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\librv32_plugin.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es-419.pak.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ast\LC_MESSAGES\vlc.mo.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\NextMenuButtonIcon.png.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\content-types.properties.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Abstractions.dll.tmp	3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3b23f3352d6ae7770eb59a3f53954d10_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1284

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp
Filesize
95KB

MD5
ad1a40b8da2a96fd6b1ebc7a8ecf0d03

SHA1
a3a79d8957fcb4001c7012b5037f2c291ffd54a6

SHA256
b55b23bfe56ef200d0c33417fb8b03bb966e6fe1771e333c870b3cc4a0a7eee1

SHA512
884dca8d2ec2ef0bc06c017382f23e6afdc4b8ed8397bd51e6063dfe503b65f33be14e7a75b36078cb4e28dba26817afd40dfe44e04da8c047a92d19b838eae2

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
104KB

MD5
e6bd7230f1da7134780544ba5c17cf07

SHA1
6e3dfb6edf16cb4cf496dabc9cf7e24b5a358c02

SHA256
7aa1c73820cb6d14ed7309c10037d2e245d164eba906281b7b9be4f146d48fec

SHA512
a3c31bea645d602127afaa859aee03ed747680e7dadff62392e719d54b6e0b0fa4dd18f593399c7f07f517bd53ef29e3c1fb7ffad7df3384774df61a206c48a9

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads