08f9c429f6a6b054afcdeecc8980647df6d054a12bea5020e74f74473f3923eb

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
29/05/2024, 02:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
Size

94KB
MD5

30d3148e04a2d2a07a00e145dff86490
SHA1

cb34195b5d0ef6aa47cbb9de1b90769e61867d42
SHA256

08f9c429f6a6b054afcdeecc8980647df6d054a12bea5020e74f74473f3923eb
SHA512

107843d9a62d6a3bbdeab8188562463de8dae1bebbb0d2067d53547aaedfee37ed8a3ec2701604887b3bf590417ba70b995cdda53d4e8b227a6b8eab1bd4c589
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/qEc:6e7WpMaxeb0CYJ97lEYNR73e+eKZG

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3445) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Dhaka.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\it-IT\settings.html.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tipresx.dll.mui.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fontconfig.properties.src.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.WorkflowServices.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\ShapeCollector.exe.mui.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\Mso Example Setup File A.txt.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-awt-j2se-1.3.2.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\PhotoBase.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tabskb.dll.mui.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty.png.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Qatar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\UIAutomationClient.resources.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\adovbs.inc.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guam.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\wmlaunch.exe.mui.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\Microsoft.Build.Conversion.v3.5.resources.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IO.Log.Resources.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.DirectoryServices.AccountManagement.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\cpu.html.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationUp_ButtonGraphic.png.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-7.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox_1.0.500.v20131211-1531.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Dubai.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Madrid.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_rgb6.wmv.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\private_browsing.VisualElementsManifest.xml.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\axvlc.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer.png.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\html\cpyr.htm.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-explorer.xml.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\wmplayer.exe.mui.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\css\calendar.css.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\fr-FR\css\calendar.css.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\ja-JP\MSTTSLoc.dll.mui.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\MANIFEST.MF.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\alt-rt.jar.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\gu.txt.tmp	30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\30d3148e04a2d2a07a00e145dff86490_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
94KB

MD5
ffd51bc086a3878864260164e3292eda

SHA1
92585708b18431b88cf0ed7dc163fb5939e8ddd8

SHA256
e136fc40f2dadef02c381ff5454c8b58b39ffdb151ad43b5105da6c24dccba93

SHA512
c35e67c1f8f5676c5e16f8a8a03c393efee21a20f9b2eab34e55cee2748bddf1080f348f42f38358cf2d41695fd539fbc1f0364c52c61932a72477efdd5cfa00

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
103KB

MD5
b1b893666de11f6d2e597a357d0db27b

SHA1
fac1bae1e6520f921b789f30b49e7a63c1f703b0

SHA256
13934a66f6b5c89087a4b8b6e49e2ea0d244e69d834951c9d4b2e5dc12da4487

SHA512
72f3c10a841395579bb39e3a2fcf70e7858666121952f66ab0236c1c8b487fcadf30efe4dae300ac59045176b11d0f5cf85c5e362b68a6063ee876c74808353f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads