Analysis
-
max time kernel
22s -
max time network
128s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
02/06/2024, 01:05
Behavioral task
behavioral1
Sample
18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe
-
Size
2.0MB
-
MD5
18f54bb16e8c891225a48f5db6342790
-
SHA1
00f30f82e00f38ca832d560e9322449cefc462af
-
SHA256
af7e34eff1fe060c689efadf7bbf65241e5031ba565d902e350a5a17305b27bf
-
SHA512
3412175bec496bf9c910617e4216c7ef087dc0cff8bb90a11d2bcebb9fe68b5cd28005d984aae723ac6462ee93fe1d2536a97d4da89c1d68ae3daf02f0794904
-
SSDEEP
49152:NaF5FkZZfBeEBGKO7nsOiGYxOhMkZ8A7IEP:NiFkZFBXBGWGYYhR8Bi
Malware Config
Signatures
-
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
resource yara_rule behavioral1/memory/2980-0-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/files/0x000800000001269e-5.dat upx behavioral1/memory/2980-8-0x0000000005450000-0x000000000546E000-memory.dmp upx behavioral1/memory/1404-9-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2724-53-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2524-54-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2080-69-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2980-68-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1404-71-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1368-72-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2724-86-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/752-89-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1748-97-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2040-98-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/572-103-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/952-102-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/752-101-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2536-104-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1748-105-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2044-106-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3016-107-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1836-112-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/572-111-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2536-114-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1948-117-0x0000000004900000-0x000000000491E000-memory.dmp upx behavioral1/memory/1288-119-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2044-118-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2888-120-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1944-127-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2988-129-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1288-128-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2292-131-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2904-130-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2888-134-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1704-135-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2648-137-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2648-139-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2640-145-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/752-144-0x00000000045D0000-0x00000000045EE000-memory.dmp upx behavioral1/memory/852-146-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/2640-148-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/752-147-0x00000000045D0000-0x00000000045EE000-memory.dmp upx behavioral1/memory/3096-153-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3184-159-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3096-160-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3544-172-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3536-171-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3408-170-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3600-178-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3688-184-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3544-186-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3536-185-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3056-188-0x0000000004910000-0x000000000492E000-memory.dmp upx behavioral1/memory/3600-191-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3852-195-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3660-194-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3740-196-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3908-197-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3932-201-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/1128-202-0x0000000004920000-0x000000000493E000-memory.dmp upx behavioral1/memory/3376-207-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3724-206-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3852-205-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral1/memory/3804-212-0x0000000000400000-0x000000000041E000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
description ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
description ioc Process File opened (read-only) \??\G: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\Y: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\Z: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\E: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\I: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\N: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\O: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\P: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\S: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\V: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\U: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\A: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\H: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\K: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\L: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\Q: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\R: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\T: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\W: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\X: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\B: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\J: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File opened (read-only) \??\M: 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe -
Drops file in System32 directory 10 IoCs
description ioc Process File created C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\russian beastiality hidden ash balls .zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\blowjob cumshot [milf] traffic .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\danish xxx porn [bangbus] .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\norwegian horse cum voyeur penetration (Kathrin).mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\animal several models girly .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\black porn several models titts ash .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\shared\british horse [bangbus] .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\swedish bukkake lesbian .mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\french handjob full movie ash .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\shared\kicking fucking voyeur vagina .mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe -
Drops file in Program Files directory 15 IoCs
description ioc Process File created C:\Program Files\Common Files\Microsoft Shared\french beast sleeping hole .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files\Windows Journal\Templates\animal cum sleeping .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\indian nude bukkake full movie lady .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Update\Download\asian action catfight .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\asian cumshot uncut young (Janette,Christine).mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\british animal girls .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files\DVD Maker\Shared\asian lingerie kicking several models mature (Britney).rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\italian fucking several models ash (Jade).mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Common Files\microsoft shared\italian gang bang lesbian masturbation bondage .mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\bukkake bukkake girls ash (Sylvia).avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\horse uncut boobs .zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\gay horse voyeur vagina swallow (Ashley,Sylvia).mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\french nude lesbian titts .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft Office\Templates\black beast kicking [free] .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\malaysia gang bang beast voyeur (Janette,Sonja).mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe -
Drops file in Windows directory 32 IoCs
description ioc Process File created C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\italian cumshot lingerie hidden cock .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\tyrkish fetish fucking catfight 50+ (Curtney,Kathrin).avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\japanese beast public .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\german kicking hot (!) nipples .zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\black animal catfight 40+ .mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\Downloaded Program Files\black fetish catfight legs latex (Sonja,Curtney).mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\brasilian beastiality several models .zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\security\templates\blowjob catfight glans (Curtney,Christine).mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\lesbian handjob [milf] (Karin,Gina).avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\indian bukkake voyeur YEâPSè& (Melissa).mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\american horse handjob several models penetration .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\french horse hidden bedroom (Melissa).avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp\norwegian animal full movie .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\danish handjob [milf] bedroom (Sandy,Sonja).mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\nude trambling full movie granny .zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\temp\kicking hidden .zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\Downloads\german trambling licking titts .zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\tmp\xxx beastiality voyeur bondage (Kathrin,Jade).mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\danish porn licking titts .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\fetish hot (!) .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\cum kicking sleeping cock circumcision .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\winsxs\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_6.1.7600.16385_none_8419660d1cc97b24\black gang bang blowjob catfight .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\mssrv.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\american nude hot (!) (Curtney,Britney).rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp\bukkake girls glans (Christine,Tatjana).rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\french hardcore lesbian mistress .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\indian animal [free] latex .avi.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\japanese beast hot (!) (Anniston).zip.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\Downloads\norwegian sperm horse several models vagina castration .mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\PLA\Templates\asian kicking bukkake licking .mpeg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\indian cumshot [bangbus] leather (Jade).mpg.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\action licking mistress .rar.exe 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid Process 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 3024 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2080 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2848 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1368 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2556 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2572 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2592 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1128 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2080 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1948 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 3024 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1912 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2040 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2848 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 752 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1368 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 952 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2556 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1748 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2812 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2572 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2592 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2956 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 572 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2536 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2080 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2984 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2044 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 3016 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1836 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 3024 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1368 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2848 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1492 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1288 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1944 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2904 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1128 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2888 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 2888 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1912 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1912 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1948 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 1948 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 64 IoCs
description pid Process procid_target PID 2980 wrote to memory of 1404 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 28 PID 2980 wrote to memory of 1404 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 28 PID 2980 wrote to memory of 1404 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 28 PID 2980 wrote to memory of 1404 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 28 PID 2980 wrote to memory of 2724 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 29 PID 2980 wrote to memory of 2724 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 29 PID 2980 wrote to memory of 2724 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 29 PID 2980 wrote to memory of 2724 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 29 PID 1404 wrote to memory of 2524 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 30 PID 1404 wrote to memory of 2524 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 30 PID 1404 wrote to memory of 2524 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 30 PID 1404 wrote to memory of 2524 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 30 PID 2980 wrote to memory of 2848 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 33 PID 2980 wrote to memory of 2848 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 33 PID 2980 wrote to memory of 2848 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 33 PID 2980 wrote to memory of 2848 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 33 PID 2724 wrote to memory of 3024 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 31 PID 2724 wrote to memory of 3024 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 31 PID 2724 wrote to memory of 3024 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 31 PID 2724 wrote to memory of 3024 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 31 PID 2524 wrote to memory of 2080 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 32 PID 2524 wrote to memory of 2080 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 32 PID 2524 wrote to memory of 2080 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 32 PID 2524 wrote to memory of 2080 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 32 PID 1404 wrote to memory of 1368 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 34 PID 1404 wrote to memory of 1368 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 34 PID 1404 wrote to memory of 1368 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 34 PID 1404 wrote to memory of 1368 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 34 PID 2524 wrote to memory of 2556 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 36 PID 2524 wrote to memory of 2556 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 36 PID 2524 wrote to memory of 2556 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 36 PID 2524 wrote to memory of 2556 2524 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 36 PID 2980 wrote to memory of 2572 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 37 PID 2980 wrote to memory of 2572 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 37 PID 2980 wrote to memory of 2572 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 37 PID 2980 wrote to memory of 2572 2980 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 37 PID 2724 wrote to memory of 2592 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 35 PID 2724 wrote to memory of 2592 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 35 PID 2724 wrote to memory of 2592 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 35 PID 2724 wrote to memory of 2592 2724 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 35 PID 2080 wrote to memory of 1128 2080 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 38 PID 2080 wrote to memory of 1128 2080 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 38 PID 2080 wrote to memory of 1128 2080 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 38 PID 2080 wrote to memory of 1128 2080 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 38 PID 3024 wrote to memory of 1948 3024 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 39 PID 3024 wrote to memory of 1948 3024 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 39 PID 3024 wrote to memory of 1948 3024 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 39 PID 3024 wrote to memory of 1948 3024 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 39 PID 2848 wrote to memory of 1912 2848 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 40 PID 2848 wrote to memory of 1912 2848 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 40 PID 2848 wrote to memory of 1912 2848 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 40 PID 2848 wrote to memory of 1912 2848 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 40 PID 1404 wrote to memory of 2040 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 41 PID 1404 wrote to memory of 2040 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 41 PID 1404 wrote to memory of 2040 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 41 PID 1404 wrote to memory of 2040 1404 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 41 PID 1368 wrote to memory of 752 1368 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 42 PID 1368 wrote to memory of 752 1368 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 42 PID 1368 wrote to memory of 752 1368 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 42 PID 1368 wrote to memory of 752 1368 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 42 PID 2556 wrote to memory of 952 2556 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 43 PID 2556 wrote to memory of 952 2556 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 43 PID 2556 wrote to memory of 952 2556 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 43 PID 2556 wrote to memory of 952 2556 18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe 43
Processes
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2980 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1404 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2524 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2080 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵
- Suspicious behavior: EnumeratesProcesses
PID:1128 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵
- Suspicious behavior: EnumeratesProcesses
PID:1492 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:2280
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"8⤵PID:5508
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"8⤵PID:11568
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:4400
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:6236
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:10192
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:1972
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:4756
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:7336
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3816
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5920
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:10072
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵
- Suspicious behavior: EnumeratesProcesses
PID:2536 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:2476
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:4828
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:7724
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3680
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5516
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11644
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:2668
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3584
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5104
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:7940
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11660
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3484
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4624
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:8116
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:8800
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:2444
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2556 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵
- Suspicious behavior: EnumeratesProcesses
PID:952 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:2988
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:3740
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:5996
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:7540
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3308
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:5772
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:11772
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:4544
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:7320
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11708
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:2820
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3408
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:6912
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:11652
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5020
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:7172
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:11244
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:9712
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:1608
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5956
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:7592
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4244
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6056
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7532
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:572 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:852
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5004
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:6540
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11684
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3644
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:6104
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11748
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5796
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11624
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2648
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3908
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6772
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11488
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3472
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5436
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11576
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4480
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:11528
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1368 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:752 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵
- Suspicious behavior: EnumeratesProcesses
PID:2888 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3348
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:5464
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:11544
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:4744
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:7708
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:2288
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:4692
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:7700
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3376
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:7132
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11756
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5588
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:10400
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1836 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:2260
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5200
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11796
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4196
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7104
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:10200
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:872
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4536
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7716
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3600
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:5632
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:10184
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2040 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2904 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3368
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:6720
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:1056
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4720
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7312
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11716
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3060
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5720
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7260
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11764
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4188
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:6848
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:11692
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2044 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2004
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4568
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:9848
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4236
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7080
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:11536
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:2756
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4924
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7740
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:3536
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:6016
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:11804
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:5192
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:10092
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2724 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3024 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1948 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵
- Suspicious behavior: EnumeratesProcesses
PID:1288 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3128
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:5184
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"7⤵PID:11600
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:4664
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:7732
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:1060
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:4552
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:9860
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3724
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4108
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:10248
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2984 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:2640
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:4956
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:7748
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:9012
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3832
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6024
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11520
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2516
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4992
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6556
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11780
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3660
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:5988
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7616
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:11812
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2592 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2812 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:2240
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:3852
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:6044
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:10044
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3336
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:5780
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:11504
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4528
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7296
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11724
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3056
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3780
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5596
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7328
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11820
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3208
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6248
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11612
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4364
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7112
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2500
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2428
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:524 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2532
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4804
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:7644
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3528
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6340
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11740
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:5640
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:10176
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:2620
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3932
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:6532
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:11732
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:3428
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:6564
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:11496
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:4352
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7952
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:8820
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:10228
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2848 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:1912 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1944 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3184
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:6472
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"6⤵PID:9892
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:4388
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6856
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11584
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2156
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5052
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:10164
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3176
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:6924
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7932
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:8960
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:3016 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:1936
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5024
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6548
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11788
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3284
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6580
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11480
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:5604
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:10052
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:2396
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4976
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7664
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:3688
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:5424
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:11552
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2572 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:1748 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:2292
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:3804
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:5580
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:10256
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3220
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6524
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:11512
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4252
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:5676
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:10408
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:1704
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:3712
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:8008
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"5⤵PID:6904
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:6036
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:10100
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:8280
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:3096
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:5296
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:10084
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:4712
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:7304
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:11100
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2956 -
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:2912
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:4592
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:7792
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:3544
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"4⤵PID:9640
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:5332
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:1728
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵PID:2676
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:4272
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:5696
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:10060
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵PID:3492
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:5684
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:2180
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"3⤵PID:8712
-
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵PID:5012
-
-
C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\18f54bb16e8c891225a48f5db6342790_NeikiAnalytics.exe"2⤵PID:9852
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.9MB
MD53fbc5a6109c62740116ad387aadb87fd
SHA1d67ec707678b3474932fd2b5c691d3fc2335cc97
SHA256fcc2970de9696c86cb614d6c0eec4d3fa36a963f4d301c9d3221de5b062d8f41
SHA512f4d4a4010bd54245d4285bad1f93360c6e70e286bd0061ff249b32579c7a9ecae26010627369786d607331abbe6ede632f51ef7b3ec449645784e4e6ec8d5f92