44d523b1f9633954c3ba445f9b959db79579d18af15436bfb24516a10be83b9d

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
29/05/2024, 05:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
Size

77KB
MD5

4724c25fe910e393624ab46f32026bc0
SHA1

010c8bcc5e38f2b60d2354b4cbe5a5903ab23cb2
SHA256

44d523b1f9633954c3ba445f9b959db79579d18af15436bfb24516a10be83b9d
SHA512

9aa3122b23d9d91b43d171ee11d4899fcb82ef7a4c12f30c66206cdfee0ffc89a321d13832cd234315ebb47b565dbc7cf0ed7d28a5120bcd7cf0e2726bf541bc
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E6DGsTdc6e6kvNDck7Tdc6e6kvNDckkvVv/UxGpupY:69WpQEoTdc6e6kvNDck7Tdc6e6kvNDcf

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3449) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile_equalizer.html.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\VERSION.txt.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Web.Entity.Resources.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\tr\LC_MESSAGES\vlc.mo.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Abidjan.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\CET.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\Mso Example Setup File A.txt.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libmmdevice_plugin.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\GoldRing.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\eclipse.inf.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp_3.6.300.v20140407-1855.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\css\settings.css.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host.xml.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.Printing.resources.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\it-IT\MpAsDesc.dll.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\picturePuzzle.html.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Jujuy.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Sitka.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnetwk.exe.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libsatip_plugin.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\es-ES\MpAsDesc.dll.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_zh_4.4.0.v20140623020002.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_ja_4.4.0.v20140623020002.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Belem.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\nssckbi.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\logo.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Ndjamena.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\installation_telemetry.json.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IPSEventLogMsg.dll.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NextMenuButtonIcon.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mshwLatin.dll.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.xml.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiler.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\3.png.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\css\slideShow.css.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_ja_4.4.0.v20140623020002.jar.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe.tmp	4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\4724c25fe910e393624ab46f32026bc0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
77KB

MD5
bd91eb6ad8c524aa9691cca694504be7

SHA1
f9ae2a0cc7b14147f228b9037821e728dc92f8d1

SHA256
105ba23a70710e5b2941c715422c5b8860f71bd7e2552caef9a64649f8c36dd7

SHA512
53289d86717fadf09fcd739c7f6ab72f0866c5906ac56fa93e8bd49f158ac2f4e69fb22723bcf22e26795c1908ea0cb922f54a3808ba16d22711504adc5f1ede

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
86KB

MD5
8c47b9d6794470b990be5e288bf3fa72

SHA1
d0a63f7282108e5453475b32e0f4bc298f80093e

SHA256
21b66bdde4596728d1ffe5b54cc993cb663e185b4c0f1a2879b20c24cb350b20

SHA512
515c8735e1e2fb9b8f81b2f8e1dd5462a6b46ca36a3419e7709f38fc6e5b551218962be1189399a271bfe58e1c8e134e8040e8e62a5561549e347f3107832f98

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads