762eef14f01f45f0ceb236471ad23addd8182f2794c445c4ed2235549a77c469

General

Target

836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
Size

134KB
MD5

836e73df4ba03fd378a305b819b9a600
SHA1

d57dc1b9502368940c059d99ce76e2655dae3f08
SHA256

762eef14f01f45f0ceb236471ad23addd8182f2794c445c4ed2235549a77c469
SHA512

287970f85cf7191c2c2bfeb89b1c36618318ef3e93314cc6f147a5dd325b0f140927f5ea7decafbd2eda1f495cbd4d57136147de9072a8f2aa64300da1bc96cc
SSDEEP

768:/7BlpQpARFbh2UM/zX1vqX1v+1WbW1rjrA9ZONZOD5ZTXB85c5cfYfVS6D:/7ZQpApUsKiX26R

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3224) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-outline.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.IdentityModel.Selectors.Resources.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\anevia_streams.luac.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-execution_zh_CN.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-progress.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\servertool.exe.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hr.txt.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IpsMigrationPlugin.dll.mui.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_zh_4.4.0.v20140623020002.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-uihandler.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IO.Log.Resources.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\License.txt.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_ja_4.4.0.v20140623020002.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\javafx-mx.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.nl_ja_4.4.0.v20140623020002.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\MET.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoDev.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Entity.Design.Resources.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ql.nl_ja_4.4.0.v20140623020002.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ca.txt.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\ShapeCollector.exe.mui.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\toc.gif.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-print_ja.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.Printing.resources.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Tanspecks.jpg.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msaddsr.dll.mui.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\logging.properties.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\ConvertReset.dll.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkObj.dll.mui.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png.tmp	836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\836e73df4ba03fd378a305b819b9a600_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2368

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp
Filesize
134KB

MD5
806274639e47550b4c9d0baf79318be7

SHA1
1e0193406198f6f051ad71938cbcfcff6f16d60c

SHA256
d21214e68585c31c249595ce76512c65ea654c14752fd8f0eb3cc738e788945d

SHA512
faa6e1d4eb7dd4d7a18230d9bc1b819ef505edd4016e0c63610c9baf2e795da31c3ffccda61cac4c01703ef7ca7701f8afc9bf70aac69734ef0b39430a49a46b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
143KB

MD5
dba3cc711aadb2a973c7a0a0a92d9a78

SHA1
a5708dbbdebca07af10a1f807e210af83943e2aa

SHA256
3e261f49a0e4cddd70d69b70143b944492e2d5553af82a2d7283f48d7f4f3fe6

SHA512
bcaa7fe742bc27182ebd8c1ad171de93cf8c5e5cd89cb4c021b2da5fe9526b9c5dcfaa61d96e49a7f414e1dbb0e4eceae6d977a7830265d5fd4e39e3e667a49e

Download Submit
memory/2368-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2368-394-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads