1510bcb2272a1516eecfcb8f1fc3536be2b778007ac7874778c5e0e628b71046

Analysis

max time kernel
150s
max time network
117s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
27/05/2024, 05:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
Size

126KB
MD5

20556d78643dce5327caa71db4bd3440
SHA1

cbe0a2d4b006979c155eff6d3bd0a63b945396e2
SHA256

1510bcb2272a1516eecfcb8f1fc3536be2b778007ac7874778c5e0e628b71046
SHA512

e9579aaf22805e6719b0d1e605128a20f3342f70343942d2f1a7182533ff3c15d0ca5f50ea720a2126dc5eaaecde42f1a2bce24edcbd252a1a55cd7297087ffb
SSDEEP

3072:6rWpcOPxPke+e3fFpsJOfFpsJbgEIixihyKoIWbsHfySkT5GeCyi348oWGRPOzkq:tFPxPke+eI4

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3449) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+5.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.nl_zh_4.4.0.v20140623020002.jar.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-settings.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-api.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad\osknumpadbase.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-output2.xml_hidden.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-actions.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_udp_plugin.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msxactps.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\epl-v10.html.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libadummy_plugin.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jfr\profile.jfc.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Mahjong\en-US\Mahjong.exe.mui.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsBase.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_zh_4.4.0.v20140623020002.jar.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_ja.jar.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaprsr.dll.mui.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\th-TH\tipresx.dll.mui.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Entity.Design.Resources.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Windows.Presentation.resources.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tabskb.dll.mui.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Johannesburg.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-applemenu.xml.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Solitaire\ja-JP\Solitaire.exe.mui.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\Microsoft.Build.Conversion.v3.5.resources.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libmpg123_plugin.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pa-in.txt.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha1.png.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\config.ini.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Auckland.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Panama.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_SelectionSubpicture.png.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nl.pak.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\resources.pak.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\Graph.jtp.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\F12Resources.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\New_York.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\management.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\ZoneInfoMappings.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper.registry_1.0.300.v20130327-1442.jar.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\UIAutomationTypes.resources.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdfmap.dll.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\20556d78643dce5327caa71db4bd3440_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1708

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
127KB

MD5
790fe80822038ed30355be4619dc9219

SHA1
73edd8f71f5bd28c4cb3e540890e0956d9451b79

SHA256
b4744f675cf539c58a5c9c95e0fce12b483d2dafc0df3d104f4acdf78498c769

SHA512
c7e365bcf50b1d814aeebf9e58a667a9db86603a629df002f5a0c834b4e8b56a74a622ae000fc9a6cc18db8f97f16d6df2409491b8f747d56da54af42da050bc

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
135KB

MD5
70db4c7a9b754354e55895b87cad7009

SHA1
29cc8cb8d50f55a147cffcb795927645c437d101

SHA256
fc018f2c7cdc2845a5b0c3dbc6a3845e4e20179f3c313be0f03101e8ccc0e7f0

SHA512
9bc78d7c7457a79b0a12fc898590a8905db27dab9ce1e4f5505cef57a72393baa5b343cc8db33739c15c251aec387bbea0584477ee1d3e2ada4be9a63c8c9b6e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads