9f659a7a6ebc67858f7ff3eb8897f21b46829752ccd00d52d9b2ace9e3daf4ed

General

Target

92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
Size

83KB
MD5

92c0f65915bff4c1254f73c36d0f0290
SHA1

0bdcd45ca2613f1d5044db4ff092e8ccf8a73adf
SHA256

9f659a7a6ebc67858f7ff3eb8897f21b46829752ccd00d52d9b2ace9e3daf4ed
SHA512

81e57099aa20a2f19f6d2f68e6866c982f5f3f154af8c3d3ddf96cf53d94201f47920ebd450e342232a4c289b0acd3941549ef3afc529db9f8a1f766bcc6e03d
SSDEEP

1536:W7ZDpApYbWjIlE77ufL2e+e16al4StuStY:6DWpwE7oL2e+e/l4+u+Y

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3004) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.Printing.resources.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Beirut.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Berlin.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\it-IT\OmdProject.dll.mui.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationLeft_SelectionSubpicture.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director_2.3.100.v20140224-1921.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvmstat.xml.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\DumontDUrville.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\chapters-static.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Jujuy.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.DataSetExtensions.Resources.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Lisbon.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\eclipse.inf.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Asuncion.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ko.pak.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.xml.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\Microsoft.Build.Utilities.v3.5.resources.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\CET.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\RegisterNew.txt.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ur.pak.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.p2.ui.overridden_5.5.0.165303.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcs.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\Microsoft.Build.Conversion.v3.5.resources.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_sv.properties.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\msvcr100.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ar.txt.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-threaddump.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state_1.0.1.v20140709-1414.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-favorites.xml.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\shvlzm.exe.mui.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\icudtl.dat.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunec.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Adak.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Makassar.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\it-IT\Minesweeper.exe.mui.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.DataSetExtensions.Resources.dll.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp.tmp	92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\92c0f65915bff4c1254f73c36d0f0290_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2216

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp
Filesize
83KB

MD5
da48bc47b0f869bff3a058fbe4e5b18c

SHA1
a6f46c5e1e18a4d0941ce1fc08480bab273bcdb5

SHA256
7843ec8e22549e4efdb14e064373644109503f2bb7b95fad79eed54bfed93fdb

SHA512
a7e0e00c0f1bcce792f1629a67441bcf45c128425ab5593239c0ec8623b5bc8a57a4bbde5e1f2b39f29db90a1dec9d998564f6c9fe39c5568509df9d324d8edc

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.exe
Filesize
92KB

MD5
1e5737fb280637b9641af8df7daf2aa5

SHA1
03ee55a0e40b503bf17bcc99d737bb04faa5fe27

SHA256
c952947122a189e7d028a5e752b89ddca571112d7b7f8f733d60dcb98e3824ac

SHA512
5c3a50b668652bc925083084d6e419e3b93c871e98e845f93b602d2b9483044577124541d64483959c8593093fee9145caa91b5e2203e6d0af38e40bfeb4d489

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads