b0227c629746f5db124b013b19ff9de43985f1bfb938ce9f6e9106879b8bc19f

Analysis

max time kernel
33s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
23-05-2024 01:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
Size

1.8MB
MD5

70af57e52ed3223afb694347dd827140
SHA1

f967ad380adfd1221f4ebcf543812c43f5ad497b
SHA256

b0227c629746f5db124b013b19ff9de43985f1bfb938ce9f6e9106879b8bc19f
SHA512

22825952ce9f7e76227ee57b6717059d081bf8badfa433b9751e051865f3581e56de13bed0c9580501adcc28b4dfd8e67be1358a4cb65fc13aeb61527845ffa0
SSDEEP

24576:VS4goEe+oVDUN9hNhnZqaTUANRTRN9PhNv2MvDHmGbD2ZEy0SrihVTLdo7e/1AN+:YsmhdlLRVN9PjHmGD2WerILpKkdbJ

Score

7^/10

persistence spyware stealer upx

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

UPX packed file 64 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

Processes:

resource	yara_rule
behavioral1/memory/1812-0-0x0000000000400000-0x000000000041E000-memory.dmp	upx
C:\Program Files\Windows Sidebar\Shared Gadgets\blowjob voyeur feet young (Liz).mpg.exe	upx
behavioral1/memory/1812-54-0x0000000005BB0000-0x0000000005BCE000-memory.dmp	upx
behavioral1/memory/2704-55-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2284-93-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1812-94-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1728-97-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2704-95-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2568-100-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2672-99-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2800-98-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2928-101-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/556-108-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1572-111-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2996-110-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1728-109-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/332-107-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/984-106-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2284-105-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1444-103-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2872-113-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1812-112-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2868-114-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2568-116-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2672-115-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2088-119-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2852-118-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/652-117-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2100-120-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/984-121-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/332-122-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/696-125-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1572-124-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2996-123-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2868-127-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2872-126-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2088-128-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2648-130-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2100-129-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1808-131-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1304-134-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1960-135-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2160-136-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2148-137-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2096-142-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2292-141-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1148-140-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2520-144-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2620-146-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1808-145-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1916-147-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2588-149-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1768-153-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2888-152-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/1688-151-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2148-156-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2292-157-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2096-158-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2520-159-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2620-160-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2516-161-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2588-164-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2844-163-0x0000000000400000-0x000000000041E000-memory.dmp	upx
behavioral1/memory/2624-165-0x0000000000400000-0x000000000041E000-memory.dmp	upx

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

description	ioc	process
File opened (read-only)	\??\E:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\K:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\U:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\W:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\H:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\I:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\L:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\N:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\R:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\A:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\M:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\O:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\P:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\T:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\V:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\B:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\G:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\J:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\S:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\X:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

Processes:

70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\SysWOW64\FxsTmp\norwegian trambling licking bedroom .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\brasilian animal gay lesbian traffic .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\tyrkish animal beast sleeping hole latex .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\italian gang bang hardcore licking hole .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\japanese animal hardcore several models lady .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\beast several models glans hairy (Liz).mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\swedish horse lesbian big (Karin).zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\tyrkish handjob horse [bangbus] cock .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\indian action trambling hot (!) (Sarah).avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\lesbian several models (Sylvia).zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

Processes:

70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\lesbian hidden titts pregnant (Liz).avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\danish porn hardcore sleeping hole .avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\black fetish trambling [bangbus] fishy .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\blowjob voyeur feet young (Liz).mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\horse catfight (Janette).avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\gay sleeping redhair .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\black kicking hardcore licking pregnant .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\swedish porn sperm lesbian cock castration (Samantha).avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\tyrkish handjob lingerie catfight YEâPSè& .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\sperm uncut titts sweet .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\american cumshot blowjob hidden redhair .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\beast lesbian glans balls (Janette).mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\lingerie girls (Liz).rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\swedish action trambling catfight sm .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\blowjob several models hole .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

Processes:

70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_en-us_00f45b041e1e8fd3\russian animal beast hot (!) gorgeoushorny .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\handjob blowjob hidden .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\hardcore big wifey .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\Temp\hardcore [bangbus] sm (Sonja,Samantha).mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_f3c374fc18118ca2\beast lesbian boots .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_387a16fe7addf3b6\malaysia fucking masturbation ejaculation .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\japanese fetish lesbian lesbian .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\bukkake masturbation high heels .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_de-de_5803850b2f40840e\chinese beast hidden swallow .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0993a1b8823a4e79\norwegian lesbian hot (!) hole (Anniston,Jade).rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_05ea1d9b8e2bf020\british bukkake voyeur cock 40+ (Liz).rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\russian nude horse public glans gorgeoushorny .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\brasilian gang bang beast voyeur .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_6.1.7600.16385_none_8419660d1cc97b24\bukkake girls traffic .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\porn gay masturbation (Janette).mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_963e6ae24c653bfe\japanese kicking horse voyeur (Samantha).mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-m..-temptable-provider_31bf3856ad364e35_6.1.7600.16385_none_1dd3ce8d1e7524cd\african hardcore catfight .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_dd18b2a07d49aa11\blowjob sleeping titts blondie (Sarah).mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\italian animal gay [bangbus] glans .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\hardcore big (Sarah).avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\american cum lingerie voyeur hotel .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm_31bf3856ad364e35_6.1.7600.16385_none_5499606faffb3f9f\chinese gay hot (!) feet .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_39c9d74ef2ad6c7b\nude trambling [bangbus] mistress .avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_39374e2435a71b47\hardcore full movie .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-vsssystemprovider_31bf3856ad364e35_6.1.7600.16385_none_a727eb798dcfb185\horse [free] balls .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\brasilian cumshot beast catfight boots .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\hardcore several models glans wifey .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_293ea1e3e6bc5364\cumshot horse hidden .avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_bcc167434bb9b3ea\handjob lesbian big titts .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\canadian beast voyeur glans .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_it-it_ea4a469ab7713182\tyrkish nude lingerie big hole swallow (Melissa).mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\brasilian cumshot lesbian lesbian glans .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_7bfdfb15e7184c41\malaysia bukkake lesbian lady .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_515dc677700303ec\lesbian sleeping titts (Anniston,Tatjana).rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\InstallTemp\german lingerie public shoes .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_6.1.7601.17514_none_d8216ed3d8746200\indian nude lingerie girls (Sylvia).zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\tyrkish cumshot beast uncut (Curtney).mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_it-it_8d9f242de8497d58\spanish horse licking (Curtney).zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_664dbffec8693dfe\blowjob voyeur girly .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\xxx public bedroom .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ad7c61fb28607522\swedish horse lesbian hidden cock ejaculation (Sylvia).rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_3863e9ef3f804dd9\british gay lesbian hotel .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\russian fetish beast voyeur hole .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\indian handjob beast girls mature .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ac16749b75335680\beast hot (!) shoes .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_4d274741486b900c\asian lingerie voyeur shoes .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\temp\japanese action gay several models balls .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_657d9a203abeb154\black porn lingerie girls (Sylvia).zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\canadian hardcore big fishy .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_6f0f7833cb71e18d\bukkake hot (!) .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_965db382b6fef5cb\hardcore licking feet (Sandy,Samantha).rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\hardcore lesbian circumcision .zip.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_aea650787d30ed8a\nude gay [milf] latex .mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_3b85bcbe4734e96a\gang bang beast big feet .avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_99b74194b7347cab\chinese fucking several models leather .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.1.7600.16385_none_2958d4a31d2ec64f\danish handjob beast voyeur cock .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_f25d066604c2ad34\brasilian fetish fucking catfight mature (Kathrin,Liz).mpeg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_c26c5b8280c6af34\italian cumshot xxx sleeping cock stockings .rar.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_es-es_8bc7919d3f36cee7\cumshot hardcore sleeping hole .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\tyrkish kicking beast [milf] .avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\danish nude sperm hot (!) mature .avi.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_3d98a610fed70b75\russian kicking sperm [free] .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_60a2cbbf935c42b4\lingerie licking .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\danish cumshot blowjob hot (!) latex .mpg.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

pid	process
1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1444	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2284	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1728	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2568	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2672	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2284	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1444	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
652	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
984	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1572	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
332	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2996	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
696	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1728	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2868	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2872	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2568	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2852	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2672	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2088	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2284	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1444	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2100	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
652	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2648	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1304	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1960	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1960	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2160	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2160	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1148	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1148	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1808	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1808	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1916	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1916	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1688	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1688	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
1728	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1812

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2704

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2800

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1444

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2672

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
- Suspicious behavior: EnumeratesProcesses
PID:2872

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:2096

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:3576

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
9⤵
PID:6256

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
10⤵
PID:19372

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
9⤵
PID:11916

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
9⤵
PID:20272

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:5056

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:8360

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:16544

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:3316

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:5504

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:8688

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:14332

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:4832

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:8932

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:16720

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:6864

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9360

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:14344

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:2620

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:3620

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:6388

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:12420

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:4328

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:4452

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8324

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:16560

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:6484

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3340

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:5648

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8784

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:16664

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4872

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8912

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:16688

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:7032

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9320

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:15124

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:6684

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:13644

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:2088

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:2588

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:3716

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:6524

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:12452

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:5272

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:8876

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:2320

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8368

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:15220

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:13880

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3380

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:5836

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8996

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:16504

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4888

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9184

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:14108

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9832

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:7108

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12588

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:19896

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2844

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3748

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:6668

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:12844

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:20084

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:5224

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8884

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:16612

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8444

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16944

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3372

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:5852

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8760

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:13488

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4904

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6900

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12756

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:9836

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:984

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:1688

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3132

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:4772

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8268

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:16348

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4440

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8624

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:15204

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6452

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12428

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:20288

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2468

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4760

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9192

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:14180

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:3128

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6840

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12792

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4104

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:7720

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:13540

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5464

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11768

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:19612

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1304

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2752

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3160

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:156

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:12404

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6000

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8016

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:13696

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:20300

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3780

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6728

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12496

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5316

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8284

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:14316

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:10888

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:1372

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4400

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8708

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16852

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:10840

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5532

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11708

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4004

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6972

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12744

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:10504

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:5748

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:9032

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:13976

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2284

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2568

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:2868

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:2292

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:3604

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:6104

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:11680

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
8⤵
PID:11448

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:4380

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8340

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:15168

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3308

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:5440

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8640

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:13632

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4812

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9128

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:14088

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9040

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6848

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12828

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2520

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3644

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:6292

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:11784

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:10560

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4820

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8028

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12472

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:19988

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3300

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:5432

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8672

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:14324

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4804

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8960

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16324

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:19924

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6832

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:13024

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2852

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2624

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3792

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:6700

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:12816

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:19596

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:5308

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8420

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16568

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3484

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6092

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:11576

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4068

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:7648

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:13584

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:2516

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3696

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6476

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:13016

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:20004

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5184

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8464

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:15228

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3328

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5516

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8768

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:13568

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4848

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8840

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16932

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:6816

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:12800

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:652

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2100

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2988

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3996

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:6884

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:12972

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:5704

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8752

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:13608

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:19884

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3680

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6424

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9308

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:15092

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12536

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5172

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8292

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:14372

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:2408

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3864

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6876

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:9844

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16680

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5536

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8664

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:10368

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3512

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5572

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11084

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:1868

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4352

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:7640

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:13600

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2648

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:2708

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4036

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6988

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12776

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5760

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8984

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16644

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16064

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3660

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6376

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11588

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4884

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:8300

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:15100

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:2132

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3592

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8004

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12600

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:20308

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:5324

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:11700

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:3808

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:7056

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:12764

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:5420

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:8616

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:13616

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:20020

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2928

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:556

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1572

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2888

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:3212

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:5156

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8648

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:15212

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4492

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8656

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:14308

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6468

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:13032

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:2480

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4992

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9140

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:14124

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:3168

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:7220

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:12708

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:10524

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4144

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8408

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16636

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5332

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11776

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1960

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:1628

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4164

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:7936

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:13556

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6152

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:11756

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3816

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:6240

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:11908

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5388

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8632

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:13624

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:1360

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4416

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8428

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16588

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8220

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5736

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11940

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:19336

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4060

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6928

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:9344

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:14364

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16056

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:5788

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:9024

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:13960

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2996

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:1768

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3196

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4324

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:9780

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:15116

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8348

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16628

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4480

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8132

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:14132

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:9820

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6432

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12484

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:848

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4740

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:7048

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:9300

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:15084

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:13504

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3244

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:7812

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12724

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:5524

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:11748

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:20012

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:1808

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:2548

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4412

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8316

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:14264

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:19996

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:7624

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:13968

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:10992

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4356

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8472

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:15176

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:6088

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:12524

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:16072

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:996

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4648

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8744

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16604

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:6712

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:12572

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:19816

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:3532

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:7448

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:13496

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:5992

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:8048

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:14148

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1728

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:332

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1916

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:3108

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:4488

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:8812

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:16712

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
7⤵
PID:11636

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8384

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16552

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4368

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8436

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16576

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5808

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11820

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:19604

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:2700

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4696

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:9008

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:14172

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6824

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12940

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:19628

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3724

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:7456

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:11096

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:5972

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:9208

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:14164

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:6268

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:1148

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:2724

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:4680

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:8952

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
6⤵
PID:16672

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:6620

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12612

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3688

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:7232

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:13548

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:15948

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:5980

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:9200

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:14140

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:1460

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4588

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:9048

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:18404

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:6920

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:9352

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:14356

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:4072

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:7440

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:14100

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:8148

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:5724

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:8860

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:16596

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:696

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:2148

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:3232

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:5244

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8392

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16620

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4500

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8480

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16536

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:6552

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:12544

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:20028

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:1900

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4136

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:7664

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:13592

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:4188

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:8124

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:12580

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:19808

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:5968

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:11792

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:19512

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2160

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:488

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:4308

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:8036

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:12516

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:20280

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:5552

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:9368

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:14428

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
5⤵
PID:16260

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:11668

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:3920

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:6980

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:13576

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:5556

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:8776

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:15580

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
PID:1568

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:4332

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:8084

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:12556

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
4⤵
PID:19620

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:5860

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:11248

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:19400

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
PID:3980

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:7040

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
3⤵
PID:13524

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
PID:5676

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
PID:9056

C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe"
2⤵
PID:19464

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\blowjob voyeur feet young (Liz).mpg.exe
Filesize
867KB

MD5
5e71735d3c645c3df68afda5f3c10b66

SHA1
4f2fb678c9bd5f2739e9f667a6425fcc803594cb

SHA256
a649e18b454e1d525fbb16cf30d8f76f6f0e935c2edb5da5274b7926bc2de19c

SHA512
3e0b95c2f7025926918e852eef1f0205fa2edc2585adc1507232f643da7f26085ef5231958c0bbf197fbcc1ef1859e323fd28c5f03257495d122f1d507a43bb7

Download Submit
C:\debug.txt
Filesize
183B

MD5
2ec1eadf3ad2670c4d5db449046a622c

SHA1
9a33916386f23d980cb58c680925f43cbe5fa056

SHA256
b5fa7bf2db76c5b7481945d62f7cb3b0bffae23fdb0693604be8162b1240a88d

SHA512
28bf5996715d3a11f49dc5f0de1a1bbcc370b9cc686312beac29e304a5cb5d7aea13afecc2d44bcf099c890b844a0a383060d2ce17e2270c2a122942b1dedc29

Download Submit
memory/332-186-0x0000000005050000-0x000000000506E000-memory.dmp

Filesize
120KB

Download
memory/332-107-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/332-122-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/488-176-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/556-170-0x0000000004CF0000-0x0000000004D0E000-memory.dmp

Filesize
120KB

Download
memory/556-108-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/652-154-0x00000000049F0000-0x0000000004A0E000-memory.dmp

Filesize
120KB

Download
memory/652-117-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/696-125-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/984-132-0x0000000004AA0000-0x0000000004ABE000-memory.dmp

Filesize
120KB

Download
memory/984-106-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/984-121-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/984-148-0x0000000004AA0000-0x0000000004ABE000-memory.dmp

Filesize
120KB

Download
memory/1148-185-0x0000000001E20000-0x0000000001E3E000-memory.dmp

Filesize
120KB

Download
memory/1148-140-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1148-177-0x0000000001E20000-0x0000000001E3E000-memory.dmp

Filesize
120KB

Download
memory/1304-134-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1360-184-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1372-183-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1444-103-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1568-182-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1572-133-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/1572-111-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1572-124-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1628-174-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1688-151-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1728-97-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1728-109-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1768-153-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1808-131-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1808-145-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1812-256-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1812-112-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1812-0-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1812-178-0x0000000005BD0000-0x0000000005BEE000-memory.dmp

Filesize
120KB

Download
memory/1812-54-0x0000000005BB0000-0x0000000005BCE000-memory.dmp

Filesize
120KB

Download
memory/1812-104-0x0000000005BD0000-0x0000000005BEE000-memory.dmp

Filesize
120KB

Download
memory/1812-403-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1812-94-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1916-147-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/1960-173-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/1960-162-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/1960-135-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2088-128-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2088-119-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2096-158-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2096-142-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2100-129-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2100-167-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/2100-155-0x0000000004F10000-0x0000000004F2E000-memory.dmp

Filesize
120KB

Download
memory/2100-120-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2132-172-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2148-137-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2148-156-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2160-175-0x0000000004A90000-0x0000000004AAE000-memory.dmp

Filesize
120KB

Download
memory/2160-136-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2284-105-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2284-93-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2292-141-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2292-157-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2408-166-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2516-161-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2520-144-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2520-159-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2568-100-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2568-116-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2588-149-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2588-164-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2620-146-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2620-160-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2624-165-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2648-130-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2672-99-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2672-115-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2704-90-0x0000000004580000-0x000000000459E000-memory.dmp

Filesize
120KB

Download
memory/2704-92-0x00000000045D0000-0x00000000045EE000-memory.dmp

Filesize
120KB

Download
memory/2704-96-0x0000000004580000-0x000000000459E000-memory.dmp

Filesize
120KB

Download
memory/2704-95-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2704-55-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2708-169-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2724-187-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2752-171-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2800-102-0x00000000044E0000-0x00000000044FE000-memory.dmp

Filesize
120KB

Download
memory/2800-98-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2800-91-0x00000000044E0000-0x00000000044FE000-memory.dmp

Filesize
120KB

Download
memory/2800-180-0x0000000004500000-0x000000000451E000-memory.dmp

Filesize
120KB

Download
memory/2844-163-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2852-118-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2852-150-0x0000000004DD0000-0x0000000004DEE000-memory.dmp

Filesize
120KB

Download
memory/2868-114-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2868-127-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2872-113-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2872-126-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2888-152-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2928-101-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2928-143-0x0000000004AB0000-0x0000000004ACE000-memory.dmp

Filesize
120KB

Download
memory/2988-168-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2996-110-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download
memory/2996-123-0x0000000000400000-0x000000000041E000-memory.dmp

Filesize
120KB

Download

description	pid	process	target process
PID 1812 wrote to memory of 2704	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 2704	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 2704	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 2704	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2800	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2800	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2800	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2800	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 2928	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 2928	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 2928	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 2928	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 1444	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 1444	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 1444	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 1444	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2284	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2284	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2284	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 2284	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 556	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 556	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 556	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 556	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 1728	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 1728	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 1728	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 1728	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1444 wrote to memory of 2672	1444	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1444 wrote to memory of 2672	1444	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1444 wrote to memory of 2672	1444	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1444 wrote to memory of 2672	1444	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2284 wrote to memory of 2568	2284	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2284 wrote to memory of 2568	2284	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2284 wrote to memory of 2568	2284	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2284 wrote to memory of 2568	2284	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 652	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 652	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 652	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2704 wrote to memory of 652	2704	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 556 wrote to memory of 1572	556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 556 wrote to memory of 1572	556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 556 wrote to memory of 1572	556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 556 wrote to memory of 1572	556	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 984	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 984	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 984	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2800 wrote to memory of 984	2800	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1728 wrote to memory of 332	1728	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1728 wrote to memory of 332	1728	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1728 wrote to memory of 332	1728	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1728 wrote to memory of 332	1728	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 696	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 696	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 696	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 1812 wrote to memory of 696	1812	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 2996	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 2996	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 2996	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2928 wrote to memory of 2996	2928	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2672 wrote to memory of 2872	2672	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2672 wrote to memory of 2872	2672	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2672 wrote to memory of 2872	2672	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe
PID 2672 wrote to memory of 2872	2672	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe	70af57e52ed3223afb694347dd827140_NeikiAnalytics.exe