718e01365199ee32b4fb939533381b9472db4bc546ccb0a911d6602412bcc606

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
30/05/2024, 01:47

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
Size

45KB
MD5

5f4870262845ce8fc9dc0322a6c22ce0
SHA1

d8aa651be699c7d98afb2952022e2bf7f4f581ef
SHA256

718e01365199ee32b4fb939533381b9472db4bc546ccb0a911d6602412bcc606
SHA512

f101f53c2e9a9d18c748640fa71820e92fa93da5aeb5b598bb5764bbc5c5ba20822cb22161c2541b6ff755703bebf016e70dfa9c8cf58239f7ce0299a4984f60
SSDEEP

768:W7BlpNLpARFbhblkYlkrt8PWGoPWGBJ0CJ0vYN:W7ZNLpApCZrt8PWGoPWGBJ0CJ0Y

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3450) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\fr-FR\WinMail.exe.mui.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\epl-v10.html.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-execution.xml.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile.html.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\weather.html.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\js\controllers.js.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\js\weather.js.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeslm.dat.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_ja_4.4.0.v20140623020002.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-templates.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Chita.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ReachFramework.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text_3.5.300.v20130515-1451.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\UpdateWatch.dxf.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\main_background.png.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Ojinaga.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-charts.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\Dotted_Line.jtp.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\en-US\gadget.xml.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.clusters.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kuching.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Xml.Linq.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\de-DE\PDIALOG.exe.mui.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\fr-FR\NBMapTIP.dll.mui.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\js\clock.js.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_dot.png.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\logo.png.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Panama.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qatar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.rcp_4.3.100.v20141007-2301.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\New_York.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpostproc_plugin.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkWatson.exe.mui.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ja.pak.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Gambier.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator_3.3.300.v20140518-1928.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-loaders.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Graph.emf.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsdbgui.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\te.pak.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader.dll.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views_3.7.0.v20140408-0703.jar.tmp	5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\5f4870262845ce8fc9dc0322a6c22ce0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2204

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
45KB

MD5
a06564d1ca190979829fb9cd863d1921

SHA1
8ad3193cde4b8668ce5d52a6f917a843ee91a2fb

SHA256
3af7e217fe83e2c0eff58a604b27eb74be9c424bbc7bf113176e86a3fcf070c2

SHA512
e49185c145755daa23ec98ac049e14d0b722cb82b2e3e229b3a1aacfddc3795e4b3a63640eea10017e04cdf960cae795b62e4cc1b8d39f2bf7786226bda57052

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
54KB

MD5
ca4508a154651ce457dc721021ae4f53

SHA1
3c09f8cc0050b485d0381b67ef4316b1cbba0141

SHA256
ceb61b4f02ea3d55f7157d8c8d5ddd07b9409e84629b743664e0555d214d28c4

SHA512
86fc695359af9769253e9719e04aec440acf499ae93a2915a8a22e9396cc22eb8b3556e1cfbadbc5bbe572c92ad5397e61e46093040f94287b6eef8595b45853

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads