54150bcf260bc8aa7123a84d0872baded4850a851164567e9e5032a182fc277d

General

Target

6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
Size

83KB
MD5

6f96ab83481c5be23c9e962d83111b90
SHA1

d2281d19cf493428f673823bf82c8adc736ed99e
SHA256

54150bcf260bc8aa7123a84d0872baded4850a851164567e9e5032a182fc277d
SHA512

7f0cd2cdf5481c49078a4e709c39531ab36567794cbb4717ed049341cf37514946b0cf177029eb7afb2f83514c900d41ef258e935a6697a8c89709fe52ec0b9c
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBKZJHJ/vb:69WpQE0zU

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (532) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\mojo_core.dll.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tk.txt.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsdeu.xml.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\1047x576black.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fi.pak.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\LICENSE.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_plain_Thumbnail.bmp.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_ButtonGraphic.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\ja-JP\MSTTSLoc.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\adcjavas.inc.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\fr.txt.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msaddsr.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hr.txt.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mip.exe.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\sqlxmlx.rll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwritash.dat.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkObj.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\msdasqlr.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_rgb.wmv.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7zCon.sfx.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-PT\tipresx.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jmap.exe.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee.dll.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationLeft_ButtonGraphic.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\reflect.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InkWatson.exe.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\ShapeCollector.exe.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Genko_2.emf.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaprsr.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\title_trans_notes.wmv.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-over-select.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ja-jp.xml.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe.tmp	6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\6f96ab83481c5be23c9e962d83111b90_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1152

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp
Filesize
83KB

MD5
80ca46c39fa95bc881e458d296a55776

SHA1
bee20e27f2edfae5b7fa5a312125f1079fffa405

SHA256
8c7b92d5126e623203ca408e3f248370168aa8de4329ad85cc47d8d794e64b4e

SHA512
68188977fafe6861e9de03684a139a30d421e9d8a90ccedcecd5de894d15efc4e5f029a24d6e1e48bc1370cdd9284c8b3da980f50a2ed640ded6203041e28a3d

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
92KB

MD5
3940c9d067d42bfd2cd2fa8ed5a7c373

SHA1
d8edd7fa1ddf72d193ac29ce7e339b0401641a0f

SHA256
8e140bb3414be73e9c6c44ea7371987a75e4fab7a51e9b7e2ff638c25d48d005

SHA512
31d60c3821243e3b1dbfb54a5fa044d9365b56442e204c92c93ad747a6881cb2f3de14ad159ff569a0adace388c829448c4104b7807bd988092e8019a0f81cc6

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads