aad6e153a6ed7ae5d0f53c4382b329423d3a806693c699d3487b2bb587b650c8

General

Target

864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
Size

156KB
MD5

864f036446ef002b9928e37e7d166990
SHA1

981b5c4bf5c76380522d2d7c2b98035351657ad1
SHA256

aad6e153a6ed7ae5d0f53c4382b329423d3a806693c699d3487b2bb587b650c8
SHA512

195f46e3b3371ad55586c33bd2d610303919082d99b9c71b7cd8e5ccaec7510ee3ea228750c7e93696cfa693c6f04a62a46b4856971f995e51a2a265568dee62
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZQT+cfWVP2ZQfq6Tl7j6tfmTk3R:RqKvb0CYJ973e+eKZGWVWQVmF3R

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (508) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscat.xml.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\handler.reg.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\bandwidth.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\softedges.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSCommon.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\button-highlight.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\resources.pak.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\README-JDK.html.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\es-ES\MSTTSLoc.dll.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\203x8subpicture.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sw.pak.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mip.exe.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Parity.fx.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dt_shmem.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\AddAssert.sql.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msadcfr.dll.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pl.pak.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ta.pak.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_hu.jar.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kk.txt.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576black.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationRight_SelectionSubpicture.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqloledb.rll.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\1047x576black.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ku.txt.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsjpn.xml.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_100_percent.pak.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jli.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado26.tlb.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_SelectionSubpicture.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sw.txt.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\mlib_image.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\baseAltGr_rtl.xml.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqloledb.dll.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonSubpicture.png.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jstack.exe.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\rtscom.dll.mui.tmp	864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\864f036446ef002b9928e37e7d166990_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2660

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp
Filesize
156KB

MD5
a07a6d2b5935548ea1ed95cb2993288e

SHA1
c39d44c89736e309c0597fd13bd6b69cb670c27f

SHA256
d82922c057c6d51af7df3636decf1766d59b899158c94890fd472d3d274c64ac

SHA512
ca766045884f820777528f78ca058115bab51e315f5cecd2709d4a076cc8bcd035b2f08a331149840552a1320c1bce4fe5ae885428fb61e4a00541862f752fa6

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
165KB

MD5
30c034d5417959a18c88d57326793c96

SHA1
37d5beb86c5d3284528cbd226271251e1b3bdefd

SHA256
591b79d9aa878177c074ae2a82fe5d57d3c2cd4337089801fc8e8cc0441e9ad8

SHA512
eac4b49545cec38baa63a197fd563a14a80a1b4bfae44cd72a79d60d4c565acb70b7734e4e674b77ce2ef0561c3cd350cf6bc4ec41b491948267c4e6a6b33083

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads