e7628e4d9f8aa6a2409cd3a32a43e62023329917e6f7637c329548b34491fbbc

General

Target

597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
Size

89KB
MD5

597efe7905b2d98b687586b22dd29cf0
SHA1

be90b17da817bb877b93b626d258f36dc4f27634
SHA256

e7628e4d9f8aa6a2409cd3a32a43e62023329917e6f7637c329548b34491fbbc
SHA512

193703d240c6ad855657e5898e7b93357026981e2d6f473273eb6bbf6071b18b5b7337eae8d3551f2282c9dc291c044a60e6b9f7e56b0b8f8f67f77dc660f83c
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/0VXaX:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VX+

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3661) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\WMPDMCCore.dll.mui.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Winnipeg.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-visual_zh_CN.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Atikokan.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\it-IT\bckgzm.exe.mui.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\en-US\msinfo32.exe.mui.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_ButtonGraphic.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.codec_1.6.0.v201305230611.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-windows.xml.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.VisualC.STLCLR.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_zh_CN.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\pack200.exe.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_it.properties.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\MeasureOut.MTS.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\settings.html.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-sampler.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh88.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.Printing.resources.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_hover.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\tr.pak.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Efate.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_bridge_plugin.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\ja-JP\sbdrop.dll.mui.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\VDK10.STD.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\directshowtap.ax.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DissolveAnother.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\java.policy.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\RenderingControl.xml.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\css\settings.css.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\8.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Gibraltar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\US_export_policy.jar.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\skins\winamp2.xml.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png.tmp	597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\597efe7905b2d98b687586b22dd29cf0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2140

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
90KB

MD5
28f7e9c1880d2950602a77da6e8537e5

SHA1
2c48492f04d6e2f165b79eb8fcd3b0a87f2eddc5

SHA256
438054f7e0b441f9e54b40b5b6a56dc680445055b865c07e9fff70f392a163b6

SHA512
c4bcabb8b5e3bb726eb124d3752634babb938ac80d7f0f5dc11e44be628feebae599117483966ef33ec0ac7d2f36f89a29252cf867322141e053b2104de3be87

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
99KB

MD5
3ce8fe99c55aa1c1c80db55f202c658b

SHA1
4547279d3711126288b86f0fe2eb6ae81beccd26

SHA256
a6c9cbe003c3678daa621cb8ad31bd859b670f446a6db1b660ac994545141ab5

SHA512
3328a26e89071396b6c868b5479848af3d2eea5a3a849398c2e667de58293cfe2b818ba7df01878b598a3d5c5fdb1391bffa87706bdc277a7d046da4a7099413

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads