Analysis
-
max time kernel
16s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
03-06-2024 05:46
Behavioral task
behavioral1
Sample
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe
-
Size
361KB
-
MD5
9d90ae6aa5de3545b68032c9cac101a0
-
SHA1
3fd382205f8bd68a2e1d02f077487d6da0b869ab
-
SHA256
30cd7656ec4666917605d89eac91fbfeb4127fc7c196cad775247c4e20d54025
-
SHA512
1f877a772d71a39db8a0e718cfc66a76be27c1e9f98dfdac2afc2318591a71c682acb77fe38f2d8de6d967f049c54df380437c4b8bac3830fffe30127a863f88
-
SSDEEP
6144:bjluQoSsqaxIo5R4nM/NvTi2zI8U2WSto11z+H3l9XQkyrYXdERa1Atf4Z:bEQoSx0qUvlzI8U2VtY+H3nXQ3EXu9q
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 16 IoCs
Looks up country code configured in the registry, likely geofence.
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exedescription ioc Process Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Processes:
resource yara_rule behavioral2/memory/1832-0-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/files/0x00070000000235b9-5.dat upx behavioral2/memory/2920-54-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2944-160-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1456-159-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3516-178-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3652-177-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1828-181-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2564-182-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2040-193-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3300-192-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2464-191-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/1264-194-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2956-196-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/728-195-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/4720-197-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2768-198-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3968-201-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/3020-202-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/2988-200-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5216-203-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5268-206-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5208-205-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5184-204-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5388-207-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5492-209-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5412-208-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5520-210-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5532-211-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5556-212-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5632-214-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5584-213-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5640-215-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5884-220-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5868-225-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5848-224-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5916-223-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5900-222-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5892-221-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5876-219-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5908-226-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5924-228-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5932-227-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5940-229-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5948-230-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5956-231-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5972-232-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/5980-233-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6632-236-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6828-243-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6796-242-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6716-241-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6708-240-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6680-239-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6920-249-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6888-248-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6880-247-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6872-246-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6864-245-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6856-244-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/7040-253-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6928-252-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6912-251-0x0000000000400000-0x0000000000429000-memory.dmp upx behavioral2/memory/6900-250-0x0000000000400000-0x0000000000429000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exedescription ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exedescription ioc Process File opened (read-only) \??\X: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\O: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\R: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\U: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\V: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\H: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\L: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\T: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\W: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\M: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\N: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\P: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\S: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\A: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\B: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\I: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\J: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\Y: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\Z: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\E: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\G: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\K: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File opened (read-only) \??\Q: 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe -
Drops file in System32 directory 12 IoCs
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exedescription ioc Process File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\hardcore voyeur girly .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\indian handjob lesbian hot (!) feet (Sonja,Tatjana).mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\japanese kicking lesbian catfight (Sarah).zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\black gang bang trambling big mistress .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\russian fetish bukkake several models blondie .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\italian porn lingerie sleeping hole gorgeoushorny .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\sperm girls stockings .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\xxx catfight redhair .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\lesbian full movie (Liz).mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\danish cumshot lingerie masturbation (Janette).mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\tyrkish horse gay [bangbus] femdom .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\japanese kicking hardcore licking hole balls (Curtney).mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe -
Drops file in Program Files directory 19 IoCs
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exedescription ioc Process File created C:\Program Files\Common Files\microsoft shared\brasilian kicking lesbian lesbian cock .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\dotnet\shared\black cum lingerie [free] .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\Templates\brasilian cum bukkake hidden femdom .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\animal xxx licking titts bondage (Sarah).zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Install\{6BB39B16-79FA-4D8E-BB79-4EFE59F95F66}\EDGEMITMP_509DC.tmp\russian gang bang bukkake hot (!) upskirt .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\Temp\russian cumshot horse lesbian ash .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\lesbian masturbation .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\Updates\Download\lesbian hot (!) redhair .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\horse catfight .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Common Files\Microsoft Shared\black horse sperm hot (!) hole .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\lesbian catfight (Janette).zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Update\Download\japanese gang bang gay hidden (Sylvia).mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\danish fetish sperm [free] (Curtney).rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\lesbian [bangbus] (Liz).rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\russian beastiality beast masturbation upskirt .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\japanese action sperm [bangbus] feet mistress .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\swedish gang bang fucking [free] titts mistress .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\black beastiality lesbian full movie glans bedroom .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\bukkake lesbian redhair .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe -
Drops file in Windows directory 64 IoCs
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exedescription ioc Process File created C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.1_none_f42978969c79336a\russian gang bang xxx hidden girly (Sandy,Tatjana).avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\beast [free] stockings .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\danish fetish bukkake several models feet stockings .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\xxx uncut beautyfull (Anniston,Melissa).mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1_none_0b596e2a33be7d4c\tyrkish gang bang sperm several models circumcision .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.1_none_fa09f84703cb02c5\japanese action gay catfight penetration .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\trambling big mature .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\bukkake hot (!) lady .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\beastiality horse hidden shoes .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\trambling hidden Ôï .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\german blowjob catfight stockings .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.1266_none_7916f7558927ae23\horse gay lesbian fishy .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\american fetish bukkake public swallow (Britney,Jade).zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\spanish gay public penetration .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..s-ime-eashared-ihds_31bf3856ad364e35_10.0.19041.1_none_e8996b7d3512363f\american beastiality xxx catfight titts young (Samantha).zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_ee7ea14f7d8a3ee3\spanish blowjob voyeur boots .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\russian cumshot lesbian hot (!) hairy .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.746_none_d01527cffa9c25bc\horse hardcore licking (Curtney).mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_62312bfbb33d478a\trambling hot (!) cock girly .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_it-it_4c5922428a6f2d08\spanish sperm girls glans 40+ .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_10.0.19041.1_none_8c0b126c198fcf70\black action beast [free] shoes .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\CbsTemp\horse several models .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\security\templates\american porn fucking [bangbus] .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_d38ece58f77171b4\kicking lingerie hot (!) girly .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\asian trambling big .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.572_none_cf90e12518baac85\black beastiality lingerie [free] boots .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\Downloads\american nude lingerie uncut (Curtney).avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\french lingerie several models stockings .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\british horse licking femdom .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_de-de_16bd831fd16633be\lesbian [free] glans blondie (Samantha).zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\InputMethod\SHARED\bukkake sleeping feet upskirt .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\american animal bukkake [milf] glans high heels .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.844_none_855aff45853749ef\malaysia gay voyeur titts swallow .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.1_none_f3b35d713ce0fc7f\fucking lesbian hole girly (Samantha).mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\japanese beastiality horse licking titts granny .zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-mccs-engineshared_31bf3856ad364e35_10.0.19041.746_none_d404daff82e97769\french blowjob hot (!) glans (Gina,Samantha).avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\german xxx girls .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.1_none_833abdc06c68d338\handjob lesbian several models feet ash .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1151_none_fbdc4c5f677dc2ec\lesbian full movie .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.964_none_1c1a193f5bfcf136\action sperm public (Liz).mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.844_none_67b5915b5651dd8a\lingerie hot (!) .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ces-ime-eashared-lm_31bf3856ad364e35_10.0.19041.1_none_3d0229d17c310f10\norwegian hardcore girls titts .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\mssrv.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\swedish beastiality blowjob hidden feet (Sonja,Curtney).mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.UI.ShellCommon\SharePickerUI\swedish handjob beast uncut hole sm .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_adfc5e0bfca53431\sperm sleeping glans swallow .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\tyrkish handjob fucking uncut Ôï (Christine,Sylvia).zip.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\french horse masturbation hotel .mpeg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\hardcore girls ejaculation .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.844_none_57eddd48e7a74274\french sperm big femdom .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\italian gang bang trambling girls traffic .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\PLA\Templates\hardcore [milf] feet .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\fucking [bangbus] hole pregnant (Tatjana).rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\italian handjob trambling sleeping .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.1_none_9aa486d790131d4e\german lesbian hidden high heels .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_en-us_bfae5918c0443f83\animal lingerie hot (!) castration .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\black nude bukkake several models glans bondage .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\chinese lesbian sleeping hole swallow .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.264_none_cb389cf57d74d691\trambling hot (!) mistress (Sandy,Janette).avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.1_none_a80cea873b2a6772\british hardcore catfight feet young (Tatjana).mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\italian kicking gay hidden sm .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\assembly\temp\russian gang bang sperm several models .mpg.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\assembly\tmp\russian animal blowjob catfight castration .rar.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.1_none_a7ad1894592cfa12\trambling hot (!) hotel .avi.exe 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exepid Process 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2564 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2564 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2464 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2464 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3300 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3300 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2040 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2040 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1264 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1264 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2956 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2956 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 728 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 728 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 4720 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 4720 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2768 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2768 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2564 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2564 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2988 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 2988 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exedescription pid Process procid_target PID 1832 wrote to memory of 2920 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 94 PID 1832 wrote to memory of 2920 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 94 PID 1832 wrote to memory of 2920 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 94 PID 1832 wrote to memory of 1456 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 97 PID 1832 wrote to memory of 1456 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 97 PID 1832 wrote to memory of 1456 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 97 PID 2920 wrote to memory of 2944 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 98 PID 2920 wrote to memory of 2944 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 98 PID 2920 wrote to memory of 2944 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 98 PID 1832 wrote to memory of 3652 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 103 PID 1832 wrote to memory of 3652 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 103 PID 1832 wrote to memory of 3652 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 103 PID 2920 wrote to memory of 3516 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 104 PID 2920 wrote to memory of 3516 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 104 PID 2920 wrote to memory of 3516 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 104 PID 1456 wrote to memory of 1828 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 106 PID 1456 wrote to memory of 1828 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 106 PID 1456 wrote to memory of 1828 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 106 PID 2944 wrote to memory of 2564 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 107 PID 2944 wrote to memory of 2564 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 107 PID 2944 wrote to memory of 2564 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 107 PID 3652 wrote to memory of 2464 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 109 PID 3652 wrote to memory of 2464 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 109 PID 3652 wrote to memory of 2464 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 109 PID 1832 wrote to memory of 3300 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 111 PID 1832 wrote to memory of 3300 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 111 PID 1832 wrote to memory of 3300 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 111 PID 2920 wrote to memory of 2040 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 110 PID 2920 wrote to memory of 2040 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 110 PID 2920 wrote to memory of 2040 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 110 PID 3516 wrote to memory of 1264 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 112 PID 3516 wrote to memory of 1264 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 112 PID 3516 wrote to memory of 1264 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 112 PID 1456 wrote to memory of 728 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 113 PID 1456 wrote to memory of 728 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 113 PID 1456 wrote to memory of 728 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 113 PID 2944 wrote to memory of 2956 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 114 PID 2944 wrote to memory of 2956 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 114 PID 2944 wrote to memory of 2956 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 114 PID 1828 wrote to memory of 4720 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 115 PID 1828 wrote to memory of 4720 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 115 PID 1828 wrote to memory of 4720 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 115 PID 2564 wrote to memory of 2768 2564 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 116 PID 2564 wrote to memory of 2768 2564 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 116 PID 2564 wrote to memory of 2768 2564 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 116 PID 1832 wrote to memory of 2988 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 117 PID 1832 wrote to memory of 2988 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 117 PID 1832 wrote to memory of 2988 1832 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 117 PID 2920 wrote to memory of 3020 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 119 PID 3652 wrote to memory of 3968 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 118 PID 2920 wrote to memory of 3020 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 119 PID 2920 wrote to memory of 3020 2920 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 119 PID 3652 wrote to memory of 3968 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 118 PID 3652 wrote to memory of 3968 3652 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 118 PID 3516 wrote to memory of 5216 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 123 PID 3516 wrote to memory of 5216 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 123 PID 3516 wrote to memory of 5216 3516 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 123 PID 1456 wrote to memory of 5184 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 121 PID 1456 wrote to memory of 5184 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 121 PID 1456 wrote to memory of 5184 1456 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 121 PID 2944 wrote to memory of 5208 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 122 PID 2944 wrote to memory of 5208 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 122 PID 2944 wrote to memory of 5208 2944 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 122 PID 1828 wrote to memory of 5268 1828 9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe 124
Processes
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1832 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2920 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2944 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2564 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2768 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:5640
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:6828
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:10436
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"9⤵PID:18480
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:12796
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:4528
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:8032
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:19092
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:10580
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:14084
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:12724
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17348
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:5868
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:9508
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:19012
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:13036
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:17616
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17340
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:952
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:13148
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:17476
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17148
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:8520
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19020
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13100
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17188
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5412
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:6880
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:11236
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:12732
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:16932
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:8312
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:18092
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:10344
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12716
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:4396
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5916
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:10428
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:5368
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12812
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:4884
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6848
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13196
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:3112
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17164
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9104
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:18100
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13116
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19304
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:16924
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2956 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5532
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:6912
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:10352
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:12656
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:4604
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:8152
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17468
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:10564
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:5312
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:21160
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12788
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:16540
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5908
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9716
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19068
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12972
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:3992
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5844
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13204
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19180
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:6084
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:8844
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9608
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13164
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17220
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5208
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6716
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9680
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19060
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12956
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19296
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17284
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:7840
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:7936
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10036
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:18048
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12900
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:16980
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5932
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9356
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19036
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12988
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17480
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17228
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6220
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:3328
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:10020
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5320
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12924
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:2316
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3516 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1264 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5520
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:7040
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:10648
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:17812
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:12780
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:17484
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:16984
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:7208
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:7748
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:10588
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17820
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12756
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:864
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5892
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9384
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:3364
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:21184
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13076
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:18356
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17264
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6060
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13216
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:3460
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9996
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:16904
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12964
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17460
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17252
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5216
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6796
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9500
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19256
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13028
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17204
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:8172
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:5784
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10632
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13744
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17492
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17236
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12804
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:1084
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5956
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9492
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19044
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13068
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17276
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6728
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13460
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17128
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:9964
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6192
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12876
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6116
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2040 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5388
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6856
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9692
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17776
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12940
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:16948
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:8040
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19132
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10624
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:18076
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12844
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17404
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5924
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10208
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:18040
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12852
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:16996
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6356
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13224
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:1656
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:9584
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19028
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:13044
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9380
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17172
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:3020
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6708
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9672
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:3636
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13020
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17140
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:7896
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19164
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:9972
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:18540
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12932
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:15480
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:5972
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:8800
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9628
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:13188
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19336
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17308
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:6588
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:13156
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17508
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:1620
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:8956
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:4496
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:13108
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:20184
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:17212
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1456 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1828 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4720 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5632
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:6680
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:10136
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"8⤵PID:18056
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:12868
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:1064
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:7904
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17624
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:10028
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:2400
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12916
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17388
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:5848
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9372
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:18984
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12584
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:900
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:3236
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:13172
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19288
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17292
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9080
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:18260
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13124
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17300
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5268
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6920
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:10364
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19248
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12740
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19320
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17372
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:8164
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:18976
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10708
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17712
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12772
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:4468
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5940
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9576
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19156
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13004
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:16572
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:7172
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19108
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:9940
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17804
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12948
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:4556
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:728 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5556
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6632
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9664
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19076
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12980
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:19344
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17244
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:7612
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19124
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10128
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:18032
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12860
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:16964
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5884
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9300
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19172
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13084
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17124
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:7080
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19140
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:9724
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:18008
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12996
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17316
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:5184
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6900
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10480
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:6196
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12676
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:16536
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:8200
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19004
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:10840
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12684
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17012
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:5948
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:10420
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17724
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12820
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:21168
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17356
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:7176
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:19116
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:9988
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:7816
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:12884
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:17020
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3652 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2464 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5492
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:6888
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:10640
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"7⤵PID:17832
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:12748
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:6148
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:8132
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19100
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10572
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:17828
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12828
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:16916
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5900
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:9364
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:9436
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13012
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"6⤵PID:19312
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17260
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:7072
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:13140
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17004
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:9452
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19052
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:13092
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17196
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:3968
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6872
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:11684
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12608
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17380
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:8080
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:19148
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:10664
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:14392
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12764
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:20192
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:1148
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:5964
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:10444
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:18556
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12836
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17396
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:7188
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:19328
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:9980
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:2660
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:21176
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:12908
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:15412
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3300 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:5584
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:6864
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:10680
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:12708
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17364
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:7996
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:17884
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:11228
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12592
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17028
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:5876
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:9248
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:18072
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:13060
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"5⤵PID:18440
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17324
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:4648
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:13180
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17156
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:8944
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:5016
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:13132
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:1240
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:17180
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2988 -
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:6928
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:8592
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:12692
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:16956
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:7872
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:18268
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:10196
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:13760
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:12700
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:16940
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵PID:5980
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:9416
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"4⤵PID:17772
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:13052
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:17332
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵PID:7560
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:19084
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵PID:10012
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:3856
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"3⤵PID:21088
-
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵PID:12892
-
-
C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9d90ae6aa5de3545b68032c9cac101a0_NeikiAnalytics.exe"2⤵PID:1308
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=1308,i,6593821857742176458,13646536021844995125,262144 --variations-seed-version --mojo-platform-channel-handle=4456 /prefetch:81⤵PID:1320
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\japanese action sperm [bangbus] feet mistress .zip.exe
Filesize1.9MB
MD57435a691e1999ed1541431590fad9f09
SHA1c9b899bf62d29120fa94a80c0e2d847f480d2355
SHA256b757d24cca3b13c4e296c24180d0072e666bb2ab780993caa71d90ec834fd250
SHA512c50e7abfda680e3ecb0f3c2954f82af64cb9b5ab33902660a46986c84f8bca15f5dd64b73b214e0d658d8912299b2f1c346dce32b1aaaa9e7eec63012c066aa4