622662292eba18c268f05592332e66423566f6ff037df858927434bca52a540d

General

Target

6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
Size

82KB
MD5

6b0749fbb7f30f842e264fa555e336c0
SHA1

63709c82598ad8a15411a080144f57a5e9e70984
SHA256

622662292eba18c268f05592332e66423566f6ff037df858927434bca52a540d
SHA512

912faf4daf0160d62b7ddf019c612a07dae39c090b08d4083483d5ff726c7c2c5ed38449d50dcd644f8dd116c9f2b318f405f2ee4fbeac375559e01f928f62f2
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/6lD3q5q+:6e7WpMaxeb0CYJ97lEYNR73e+eKZaDaH

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (516) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hu.pak.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgePackages.h.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\it-IT\DVDMaker.exe.mui.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\he-IL\tipresx.dll.mui.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialmainsubpicture.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\lv.txt.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\rtscom.dll.mui.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msaddsr.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-back-static.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\whitemenu.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Small_News.jpg.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_SelectionSubpicture.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Parity.fx.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nb.txt.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaremr.dll.mui.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\pushplaysubpicture.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\br.txt.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\lij.txt.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaprsr.dll.mui.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-highlight.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\images\bing.ico.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcs.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsdebuggeride.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.h.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\OmdBase.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_scene.wmv.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipBand.dll.mui.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\adojavas.inc.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcer.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\ieproxy.dll.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Wrinkled_Paper.gif.tmp	6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\6b0749fbb7f30f842e264fa555e336c0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1412

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp
Filesize
82KB

MD5
028305a968038484e8486de58c23b84a

SHA1
adc1f990b66941ebff6db893b036b346a82c16fd

SHA256
effe5693d33c2956051c377f88f9d4c241e2e408abaed57700ffbe6792315c55

SHA512
2b77a673a7803c1fb473e5e070f76a7c627eaa727ab618ab79e4b85e0c71ba9895e9124d26071c288ffb1d19c26d14c45f47b2996e7d4847f971382ed052c7be

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
91KB

MD5
3270cae6e5f2ae4c9c59c6cc8d4be1a9

SHA1
fd439604b601381d140f1bf7f4280d573991b43a

SHA256
6cf27fdc97c98347281590d49fa8bbf78e650d4e8801e0c43cc9904c6eafdba7

SHA512
d30ebeaef13ee2ce816b66c41ebcad899ea4444ec5e97837b47c3baba899386c51683c6f4ac9bb45c9356fe30c4b4ebf279ca4237481782f41ff3811679f9eb8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads