Analysis
-
max time kernel
11s -
max time network
64s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
01-06-2024 06:59
Behavioral task
behavioral1
Sample
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe
-
Size
446KB
-
MD5
91cc86379e88c088b2130eae51aeb3b0
-
SHA1
1bd77c4c192cb6b7bd68494d70c08786880fa713
-
SHA256
e141c0b2b83f146c4a02a2b83afbde09eed95ca2409f2262a6374b41a578f040
-
SHA512
94a85c28c898d27945f0d6538db025ad15b96e96c76f1b8cea095f59e7f03203889de78a070a0f2c089a4e18a570ba3d6e2ba205b951c1af904e37b8ea1adca0
-
SSDEEP
12288:YEQoSpqh1KhHt8icXUILzbWbzS2t1a3Tx:YiIN/cRGvtoTx
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 10 IoCs
Looks up country code configured in the registry, likely geofence.
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exedescription ioc Process Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Processes:
resource yara_rule behavioral2/memory/1308-0-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/files/0x0007000000023416-5.dat upx behavioral2/memory/2456-29-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4836-144-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5004-148-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/2948-166-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/2152-167-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4384-171-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/232-172-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3712-188-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3536-189-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/2456-192-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3928-191-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1308-190-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5052-193-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/2028-195-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4836-194-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1728-197-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5004-196-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4176-199-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/2948-198-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1240-201-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/2152-200-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3680-204-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4040-205-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3208-207-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/232-206-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5064-209-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3712-208-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4384-203-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1452-212-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5100-211-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3536-210-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5052-215-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/2028-217-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3300-218-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1632-216-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4196-214-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3928-213-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1416-219-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4176-220-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4792-221-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1680-223-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1240-222-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5156-229-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5136-227-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5064-230-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4040-226-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3680-225-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3208-228-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5176-231-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5164-234-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1452-233-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5100-232-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/1632-236-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4196-235-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5364-238-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5380-237-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5424-239-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/3300-240-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5528-241-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5520-243-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/4792-245-0x0000000000400000-0x0000000000420000-memory.dmp upx behavioral2/memory/5568-244-0x0000000000400000-0x0000000000420000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exedescription ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exedescription ioc Process File opened (read-only) \??\I: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\O: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\R: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\U: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\V: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\W: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\H: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\J: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\P: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\Q: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\S: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\N: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\T: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\Y: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\A: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\B: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\E: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\K: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\M: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\Z: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\G: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\L: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File opened (read-only) \??\X: 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe -
Drops file in System32 directory 12 IoCs
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exedescription ioc Process File created C:\Windows\SysWOW64\FxsTmp\asian beastiality beastiality big blondie (Kathrin).zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\black blowjob girls leather (Samantha).avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\trambling horse sleeping 40+ .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\swedish hardcore gay hot (!) ash (Sonja,Tatjana).mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\spanish handjob lesbian vagina boots .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\action cum uncut .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\african nude xxx uncut legs .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\blowjob xxx hidden .rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\sperm bukkake girls femdom .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\gang bang handjob [bangbus] bedroom .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\tyrkish kicking hot (!) .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\british handjob masturbation girly .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe -
Drops file in Program Files directory 18 IoCs
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exedescription ioc Process File created C:\Program Files (x86)\Common Files\Microsoft Shared\swedish fetish [milf] leather .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\Templates\swedish porn trambling girls lady (Liz,Liz).avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\Updates\Download\handjob cum lesbian hole penetration .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\russian action hot (!) titts leather .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\black kicking [milf] glans gorgeoushorny .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\chinese gang bang uncut vagina ash .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\danish xxx trambling full movie .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\russian action licking granny .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Update\Download\chinese animal gay voyeur gorgeoushorny .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\action cumshot catfight balls .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Common Files\microsoft shared\animal hardcore hidden feet bondage .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\french gang bang girls legs fishy .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\asian blowjob lesbian gorgeoushorny (Sonja).zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\black fucking blowjob licking .rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\porn [milf] nipples shower .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\american action masturbation girly .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\Temp\british cumshot public penetration .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Program Files\dotnet\shared\beast hidden titts .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe -
Drops file in Windows directory 50 IoCs
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exedescription ioc Process File created C:\Windows\CbsTemp\hardcore lingerie [bangbus] traffic .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\Downloads\cum [free] femdom (Tatjana,Liz).rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\bukkake animal lesbian .rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\black xxx uncut leather .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\french horse xxx [milf] high heels (Sonja).avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_it-it_bdb6c49fcea35732\american beast horse public 50+ .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\sperm lingerie uncut feet (Jenna).mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_adfc5e0bfca53431\action [free] .rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\Downloads\chinese xxx action big titts (Gina).avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\xxx action [milf] .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.264_none_cb389cf57d74d691\kicking lesbian .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\PLA\Templates\german handjob several models bedroom (Britney).rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\security\templates\russian sperm public YEâPSè& .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\lingerie hardcore catfight (Sarah).rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\kicking bukkake hot (!) hole castration (Samantha).mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.UI.ShellCommon\SharePickerUI\malaysia cum xxx girls hairy .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\norwegian lesbian [milf] vagina boots .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\beastiality kicking licking ash high heels .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\xxx public ash femdom .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\handjob [bangbus] young .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\italian cumshot fucking [milf] .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\Downloaded Program Files\nude horse catfight nipples .rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\assembly\tmp\tyrkish kicking [milf] (Kathrin).zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\mssrv.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\american lesbian lingerie voyeur glans (Karin).avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\brasilian gay lesbian (Jenna,Gina).mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\assembly\temp\indian animal gang bang catfight hole .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\malaysia animal hot (!) vagina (Kathrin,Sonja).rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\porn masturbation blondie .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\nude girls cock (Christine,Tatjana).mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\black lingerie lingerie voyeur (Samantha,Ashley).mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\SharedFileCache\gay girls cock bedroom .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\cum action lesbian redhair (Jade).mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_de-de_881b257d159a5de8\italian animal [bangbus] black hairunshaved .rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\gang bang trambling several models (Britney).rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_5b152a8d329397ec\nude [milf] latex .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\InputMethod\SHARED\beastiality animal catfight hole lady .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\kicking public boobs femdom .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_d38ece58f77171b4\british gang bang [milf] .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\african horse trambling catfight nipples .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\fetish lesbian high heels (Jade).avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\french beastiality [milf] high heels (Curtney).rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\swedish horse catfight leather (Sylvia,Jade).avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\templates\bukkake lesbian 50+ .mpeg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\lesbian hidden leather .rar.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\tyrkish fetish hardcore [free] swallow .zip.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\norwegian cumshot nude big .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\black beast hardcore several models gorgeoushorny .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\action gang bang big .avi.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\swedish gay several models nipples shower .mpg.exe 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 62 IoCs
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exepid Process 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4384 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4384 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 232 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 232 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 3712 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 3712 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 3536 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 3536 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 3928 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 3928 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5052 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5052 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2028 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2028 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1728 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1728 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4176 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4176 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1240 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 1240 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4384 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 4384 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 232 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 232 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exedescription pid Process procid_target PID 1308 wrote to memory of 2456 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 86 PID 1308 wrote to memory of 2456 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 86 PID 1308 wrote to memory of 2456 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 86 PID 1308 wrote to memory of 4836 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 90 PID 1308 wrote to memory of 4836 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 90 PID 1308 wrote to memory of 4836 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 90 PID 2456 wrote to memory of 5004 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 91 PID 2456 wrote to memory of 5004 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 91 PID 2456 wrote to memory of 5004 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 91 PID 4836 wrote to memory of 2948 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 94 PID 4836 wrote to memory of 2948 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 94 PID 4836 wrote to memory of 2948 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 94 PID 1308 wrote to memory of 2152 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 95 PID 1308 wrote to memory of 2152 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 95 PID 1308 wrote to memory of 2152 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 95 PID 2456 wrote to memory of 4384 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 96 PID 2456 wrote to memory of 4384 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 96 PID 2456 wrote to memory of 4384 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 96 PID 5004 wrote to memory of 232 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 97 PID 5004 wrote to memory of 232 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 97 PID 5004 wrote to memory of 232 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 97 PID 4836 wrote to memory of 3712 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 100 PID 4836 wrote to memory of 3712 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 100 PID 4836 wrote to memory of 3712 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 100 PID 1308 wrote to memory of 3536 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 101 PID 1308 wrote to memory of 3536 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 101 PID 1308 wrote to memory of 3536 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 101 PID 2152 wrote to memory of 3928 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 102 PID 2152 wrote to memory of 3928 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 102 PID 2152 wrote to memory of 3928 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 102 PID 2948 wrote to memory of 5052 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 103 PID 2948 wrote to memory of 5052 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 103 PID 2948 wrote to memory of 5052 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 103 PID 2456 wrote to memory of 2028 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 104 PID 2456 wrote to memory of 2028 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 104 PID 2456 wrote to memory of 2028 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 104 PID 5004 wrote to memory of 1728 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 105 PID 5004 wrote to memory of 1728 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 105 PID 5004 wrote to memory of 1728 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 105 PID 232 wrote to memory of 4176 232 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 106 PID 232 wrote to memory of 4176 232 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 106 PID 232 wrote to memory of 4176 232 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 106 PID 4384 wrote to memory of 1240 4384 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 107 PID 4384 wrote to memory of 1240 4384 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 107 PID 4384 wrote to memory of 1240 4384 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 107 PID 3712 wrote to memory of 3680 3712 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 108 PID 3712 wrote to memory of 3680 3712 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 108 PID 3712 wrote to memory of 3680 3712 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 108 PID 4836 wrote to memory of 4040 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 109 PID 4836 wrote to memory of 4040 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 109 PID 4836 wrote to memory of 4040 4836 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 109 PID 1308 wrote to memory of 3208 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 110 PID 1308 wrote to memory of 3208 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 110 PID 1308 wrote to memory of 3208 1308 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 110 PID 2948 wrote to memory of 5064 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 113 PID 2948 wrote to memory of 5064 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 113 PID 2948 wrote to memory of 5064 2948 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 113 PID 2152 wrote to memory of 1452 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 112 PID 2152 wrote to memory of 1452 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 112 PID 2152 wrote to memory of 1452 2152 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 112 PID 5004 wrote to memory of 5100 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 114 PID 5004 wrote to memory of 5100 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 114 PID 5004 wrote to memory of 5100 5004 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 114 PID 2456 wrote to memory of 4196 2456 91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe 115
Processes
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1308 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2456 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:5004 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:232 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵
- Suspicious behavior: EnumeratesProcesses
PID:4176 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:5164
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:6456
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"8⤵PID:12376
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:8292
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:11276
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:4784
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:9084
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:12732
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:7248
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:14604
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:9704
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:13348
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:1416
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:6320
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:9360
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:12596
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:7584
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:15324
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:10224
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:14028
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5884
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:9228
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:12444
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7016
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:13776
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9548
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13172
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1728 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5156
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:6704
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:12436
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:8852
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:11508
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5296
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:9556
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:12964
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7272
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:15332
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9772
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13340
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5100
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:6112
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:10620
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:14836
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7212
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:14384
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9728
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:11428
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5536
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7984
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:10380
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:4020
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6860
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:11916
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:8748
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:12144
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4384 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1240 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5176
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:6872
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:13132
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:8572
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:12212
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5432
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:9896
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:13356
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7236
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:15160
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9712
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13320
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:3300
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:6336
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:10388
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:14548
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7576
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:15212
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9764
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:14052
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5768
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:8912
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:12268
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6972
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13116
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:9012
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:12248
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2028 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:1680
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:6508
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:11344
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:8316
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:10740
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5128
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9236
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:12740
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:7508
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:10244
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:14312
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:4196
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6272
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9564
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13164
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:7328
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:15340
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:10024
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:13676
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:5736
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:8776
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:12152
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:6940
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:11932
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:8736
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:11948
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4836 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2948 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:5052 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5136
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:6520
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"7⤵PID:11924
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:8448
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:10452
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5268
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:10684
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:14828
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7220
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:15296
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:10072
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13732
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5064
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5624
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:10008
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:13740
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7336
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:15280
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:10032
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13688
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5528
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7992
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:10596
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:14644
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6636
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:11908
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:8456
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:11672
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3712 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:3680
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:5520
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:8128
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:10788
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:14992
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:6688
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:12504
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:8472
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:11940
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5364
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:7612
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:15316
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:8040
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:14156
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6480
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:11888
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:7924
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:11016
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:15096
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:4040
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5576
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:8100
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:15272
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:10812
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:15000
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6588
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:11684
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:8464
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:11664
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:5380
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:7412
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:14876
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:9224
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:14016
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:6472
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:11352
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:7916
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:11024
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:15088
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2152 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:3928 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:4792
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:6448
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"6⤵PID:11628
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:8296
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:10748
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6076
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:8652
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:12116
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:7176
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:14448
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:9620
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:13224
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:1452
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:5216
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:9524
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:13156
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:7404
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:15288
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:10116
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:13768
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:5568
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:8324
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:3832
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:6680
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:12384
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:8592
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:11880
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3536 -
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:1632
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:6328
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:11260
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:7604
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"5⤵PID:15308
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:9944
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:14320
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:5748
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:8428
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:4840
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:6412
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:13052
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:9076
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:12428
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵PID:3208
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:5640
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:8992
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:11604
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:6932
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"4⤵PID:12420
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:9004
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:11524
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵PID:5424
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:7740
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:9840
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:14008
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵PID:6440
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"3⤵PID:11620
-
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵PID:8340
-
-
C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\91cc86379e88c088b2130eae51aeb3b0_NeikiAnalytics.exe"2⤵PID:11268
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\french gang bang girls legs fishy .zip.exe
Filesize1.3MB
MD5b432e91b3e7e053d75d33bcd98337c96
SHA1010ee83c934b1ffc73d0cfea670fb55647dcfb89
SHA25682f619ba29ff337d1a7ab22b44f931d838b485c3c6476aa47bcfe7113ddf3760
SHA512a570d69dcd12060de5959f843f0f38706bb95492975bd47c9d35a3b9360cbc0f7b02be7c2308cb79e00413093f19a36d175fc80ef2b6c8547c23aeeee54a64a4