2d863ecb990f695a3ab377418a676a23872e1274c2e11e0eb64f0686ce2d5a18

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
27/05/2024, 20:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
Size

81KB
MD5

17a0ae72c11b4e4e1677b6a5030d7590
SHA1

68e09c77776d5dcf0e464d10f473d4d583a1e2e2
SHA256

2d863ecb990f695a3ab377418a676a23872e1274c2e11e0eb64f0686ce2d5a18
SHA512

4dc1c584b7d226a4168871ddbc21cf5400df0e88be5cc8873ee4c4ce2c11968e8833b2024d740b5f9d9e5fc78e2fd24bdf8caaff40c9a9e0fa6dacce31de1dd4
SSDEEP

1536:W7ZDpApYbWjIlE77ufL2e+e16al4StuStz:6DWpwE7oL2e+e/l4+u+z

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3452) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ms.pak.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jsoundds.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\wmplayer.exe.mui.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sa.txt.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-favorites.xml.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\WindowsFormsIntegration.resources.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\LogoCanary.png.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thunder_Bay.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\pl\LC_MESSAGES\vlc.mo.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\setup_wm.exe.mui.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-correct.avi.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsptg.xml.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property.nl_zh_4.4.0.v20140623020002.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\libvlccore.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\modules\common.luac.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fil.pak.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Norfolk.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Sofia.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\eclipse.inf.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.jobs_3.6.0.v20140424-0053.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Samara.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.bfc.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_zh_CN.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Resolute.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-image-inset.png.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\HeartsMCE.lnk.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_window.html.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\NEWS.txt.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-outline.xml.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Chagos.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Mauritius.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-awt-j2se-1.3.2.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\epl-v10.html.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\servertool.exe.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dushanbe.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\AddSet.bmp.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ja_5.5.0.165303.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf_1.1.0.v20140408-1354.jar.tmp	17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\17a0ae72c11b4e4e1677b6a5030d7590_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-268080393-3149932598-1824759070-1000\desktop.ini.tmp

Filesize
81KB

MD5
12a0ace200390e169b430f18a46ad61f

SHA1
1f4da02a1afe54ab53f426d4f2d3cb076e6410f0

SHA256
2bb24855231ee995a6a1921d7a0681b53710ff7c7feb5f8f2679e2df0500b1e6

SHA512
6217e26d9d2adc2bc13ca8e77a4be897538c8611d1fc05116e4ea81e4f570e6bacf5c998032ac6e6f1040b774b8934e0bda00c39e75d29c4c69bc8be76bf64d9

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
90KB

MD5
2f8790b197094619797790c618b09c45

SHA1
beae62f14a097feed13224cefb5744b94199e717

SHA256
704a82acecf7c8cb2961b9df994c4b8c90e44ce06fb106d180e81ef117771b57

SHA512
84a7c4ef4223e9bd04479856082c7d63ec31827ed735b5bf1ea320d4d4a93ae7ecedeb9a5795cf5aaa213d4f48f0da001ecb581b307e935e1b7694610ea12ef1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads