Analysis
max time kernel: 150s
max time network: 120s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 03-06-2024 12:03
Static task
static1
Behavioral task
behavioral1
Sample
a2bbb491635c8db0e30ad050e4c87a30_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a2bbb491635c8db0e30ad050e4c87a30_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
a2bbb491635c8db0e30ad050e4c87a30_NeikiAnalytics.exe
-
Size
99KB
-
MD5
a2bbb491635c8db0e30ad050e4c87a30
-
SHA1
8ffe7347c8fc3261ca72b85d7f6d9ea6edde92ab
-
SHA256
a97140f20071a9ba268b8c445424f14e97f5533a811fa2104db6e748ea5e329d
-
SHA512
71f2b126bc5b0bacba9ac601503e0faba61ce3e9a0794a237e903a1ea1bd115909917bc04dec67cef6f8793ba90b877c98d9ac8109eb875484f4c474b70b4841
-
SSDEEP
1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPNcpo:6rWpcOPxPke+e3fFpsJOfFpsJbgEd
Malware Config
Signatures
-
Renames multiple (3423) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads