39164f0ad6409acda21723bb097a98e1fc5a5ff8786b83feedcc599730ad2000

General

Target

7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
Size

75KB
MD5

7119f140994a67cd515550d20fa9ab80
SHA1

33068edf25a727aaf72c6147c4da172d02972c57
SHA256

39164f0ad6409acda21723bb097a98e1fc5a5ff8786b83feedcc599730ad2000
SHA512

e54863c6f1ea63eb5b39895d29181d90353d8a5efff8671fb636946bfc929dc5bcb9615a842430c6a39f25af8587dc72e30422f09fb1530d875ad6fa8fe46b3b
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E6DGsTdc6e6kvNDck7Tdc6e6kvNDckkvVv/U4:69WpQEoTdc6e6kvNDck7Tdc6e6kvNDc/

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3439) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\lt.pak.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.exe.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jce.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management\snmp.acl.template.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wallis.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\epl-v10.html.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluTSFrame.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\CST6CDT.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msadcfr.dll.mui.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstatd.exe.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Moncton.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Solitaire\ja-JP\Solitaire.exe.mui.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\Accessories\es-ES\wordpad.exe.mui.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsource.ax.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\css\settings.css.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\es-ES\css\cpu.css.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kk.txt.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app_1.0.300.v20140228-1829.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\vlm_export.html.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\icon.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-border.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\perfcore.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.properties.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jsdt.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\rarrow.gif.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_ja_4.4.0.v20140623020002.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\hrtfs\dodeca_and_7channel_3DSL_HRTF.sofa.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeulm.dat.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyNotesBackground.wmv.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_ja.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\PST8PDT.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\shvlzm.exe.mui.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\UIAutomationClientsideProviders.resources.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Bishkek.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_LOOP_BG.wmv.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\glib-lite.dll.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo.tmp	7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\7119f140994a67cd515550d20fa9ab80_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2004

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp
Filesize
75KB

MD5
87050e3706da39291e6b23679cf3eaf5

SHA1
1525ca6bb9c88e08bb9094ef383bb083e1ea90bd

SHA256
cb5034fd1200c9e47fc65dc24726967577354531fc1968b98c3fc05aba45c054

SHA512
8c67fc3840f0896d7def10ac35cc0ad96b2a13e44088289a2ad699a9160870f7899c018b382a7f4a94c4a98d69915f4236a16dba1e2cb47961c9ffedf6991aa1

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
84KB

MD5
0fe0cf4b110d709efc83df637acc0c21

SHA1
15cbd89026548ba32f58a60e4aa3d1a7e732cb52

SHA256
3fcf8d91076891c60932a54c8b5727594404a8534ff647df8e465c4c09136970

SHA512
3c4f995a7d2fc872e1a8f7389da59de924f2faaf42348f7b7cda96c793b88966346ea38e0c6d240cee27854988109ab1dfceef128c006bdb7dd97c8df703666d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads