Analysis
-
max time kernel
147s -
max time network
131s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
04-06-2024 00:53
Behavioral task
behavioral1
Sample
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe
-
Size
838KB
-
MD5
199500c3d34a43f4dbbb5cc35beff8c0
-
SHA1
61939a26af8f833a2e371974bb8ae27a73468a56
-
SHA256
bcf9fd3a24f8a9b939aebf10bba38a10882850ea11535fce1511c155f345571b
-
SHA512
78640384d2aa4d9c7681d2c0c4e77946881652475c9f13ea51c6535910bf7cfb7e118a75f9906d2fb69ae59e1f8ea3bbe0cfc4be42290db62977a5ddf8b1013e
-
SSDEEP
24576:bSLYF8q75HmwdfF+X84ivwWyA3U1+duLpplldUBw4y/L3:bx4wVoAvwWP3BdokBwl3
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 8 IoCs
Looks up country code configured in the registry, likely geofence.
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exedescription ioc process Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000\Control Panel\International\Geo\Nation 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Processes:
resource yara_rule behavioral2/memory/2036-0-0x0000000000400000-0x000000000041D000-memory.dmp upx C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\blowjob lesbian sleeping .rar.exe upx behavioral2/memory/860-11-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5088-146-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/932-147-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/4332-160-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/3728-162-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/4840-187-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/4468-186-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/1708-190-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/2036-189-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/628-188-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/860-191-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/2432-193-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/932-194-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5088-192-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/4332-195-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5136-198-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5112-197-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5148-199-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/3728-200-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/4840-203-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/4468-202-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/4512-201-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5364-206-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5332-205-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/628-204-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5448-207-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/1832-208-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5640-210-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5148-209-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5656-211-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5664-214-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5720-213-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5224-212-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5856-217-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5844-216-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6020-218-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5364-219-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6048-220-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6124-221-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5448-222-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6156-223-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6192-224-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5664-228-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5720-227-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6348-230-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/5856-229-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6576-231-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6608-233-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6600-232-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6640-235-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6048-234-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6124-236-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6872-239-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6860-237-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6888-241-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6880-240-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6920-238-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6964-242-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6172-243-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/6192-244-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/7220-245-0x0000000000400000-0x000000000041D000-memory.dmp upx behavioral2/memory/7252-248-0x0000000000400000-0x000000000041D000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exedescription ioc process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exedescription ioc process File opened (read-only) \??\V: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\I: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\J: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\O: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\S: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\P: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\Q: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\U: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\W: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\E: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\H: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\K: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\N: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\X: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\Y: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\A: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\B: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\L: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\Z: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\G: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\M: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\R: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File opened (read-only) \??\T: 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe -
Drops file in System32 directory 12 IoCs
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exedescription ioc process File created C:\Windows\SysWOW64\FxsTmp\american fucking blowjob catfight boots .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\german gang bang kicking sleeping boobs circumcision .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\lesbian gay [bangbus] titts castration .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\black nude beast big vagina .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\asian trambling blowjob several models .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\fucking beastiality big bedroom .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\french porn fucking lesbian sweet .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\italian fetish fetish masturbation leather .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\asian action licking (Sandy,Jenna).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\asian animal masturbation titts (Sonja).zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\cumshot masturbation hole swallow (Samantha).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\japanese hardcore public .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe -
Drops file in Program Files directory 19 IoCs
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exedescription ioc process File created C:\Program Files\Microsoft Office\root\Templates\swedish beastiality several models hairy (Christine,Anniston).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\gang bang several models .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\Updates\Download\porn xxx girls stockings (Karin).avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\cum [free] YEâPSè& (Anniston,Britney).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Install\{6BB39B16-79FA-4D8E-BB79-4EFE59F95F66}\EDGEMITMP_509DC.tmp\danish cumshot sperm public boobs .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\animal uncut boobs .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Common Files\Microsoft Shared\blowjob lesbian public blondie (Sandy,Ashley).mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\Temp\fetish girls redhair (Sarah).mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\animal animal [bangbus] pregnant .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\porn animal sleeping high heels .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\blowjob lesbian sleeping .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\beast [free] femdom .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\asian cumshot sleeping latex .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\beastiality [free] .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\horse blowjob full movie .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\Common Files\microsoft shared\german horse [free] feet .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\dotnet\shared\spanish horse beastiality catfight fishy .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\black beast handjob full movie titts fishy .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Update\Download\blowjob hidden shoes (Jenna).avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe -
Drops file in Windows directory 50 IoCs
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exedescription ioc process File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\italian gang bang blowjob several models (Sylvia,Sonja).mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\CbsTemp\russian kicking girls 40+ .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\PLA\Templates\cumshot horse hidden boobs .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_adfc5e0bfca53431\spanish cum [bangbus] .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\british kicking lesbian high heels .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\italian lingerie gay several models fishy .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\brasilian bukkake [bangbus] glans latex .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\black animal lesbian hole (Samantha).zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\handjob masturbation fishy (Tatjana).rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.UI.ShellCommon\SharePickerUI\cumshot hardcore licking feet 50+ .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\sperm girls traffic .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\black lesbian voyeur nipples hotel .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\InputMethod\SHARED\african sperm bukkake lesbian .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\Downloads\japanese nude full movie .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\assembly\temp\nude sleeping vagina hairy .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\spanish nude action several models traffic (Jenna,Christine).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\blowjob lingerie sleeping .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\tyrkish fetish big lady (Sonja).mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\horse big feet 50+ (Christine,Jade).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\templates\fucking hot (!) glans 50+ .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\african hardcore [bangbus] (Jenna).rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\french handjob catfight glans ¤ç .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\security\templates\blowjob cum big hole 40+ .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\hardcore gay catfight young .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_5b152a8d329397ec\japanese beast horse [bangbus] .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\tyrkish nude handjob [bangbus] beautyfull .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\xxx sperm public young (Sonja,Gina).rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\Downloaded Program Files\brasilian fucking masturbation (Melissa,Britney).avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\swedish sperm catfight wifey .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\american porn [milf] 50+ (Melissa,Curtney).rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\mssrv.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\hardcore xxx big cock (Jade).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\SharedFileCache\tyrkish animal several models YEâPSè& (Kathrin).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\fetish masturbation black hairunshaved .avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_it-it_bdb6c49fcea35732\russian fetish public redhair (Kathrin).zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\assembly\tmp\action cum uncut glans redhair .rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\tyrkish fucking sperm public hole .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\fucking horse [free] (Britney,Curtney).avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\chinese lesbian trambling licking sweet .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\chinese horse [bangbus] ejaculation (Curtney).mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\norwegian action sleeping glans (Britney,Sonja).rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_de-de_881b257d159a5de8\bukkake licking sm (Anniston,Gina).avi.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\handjob big wifey .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\canadian beast public nipples blondie .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\british beast xxx public high heels .mpg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\malaysia blowjob [bangbus] bondage (Gina,Sylvia).rar.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_d38ece58f77171b4\american xxx hot (!) wifey .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\norwegian hardcore [bangbus] hairy .mpeg.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\Downloads\indian fetish big ¼ë .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.264_none_cb389cf57d74d691\swedish animal xxx lesbian latex .zip.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 34 IoCs
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exepid process 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4332 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4332 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 5112 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 5112 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 3728 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 3728 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4512 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4512 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4840 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4840 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4468 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 4468 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 45 IoCs
Processes:
199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exedescription pid process target process PID 2036 wrote to memory of 860 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 860 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 860 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 5088 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 5088 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 5088 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 932 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 932 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 932 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 4332 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 4332 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 4332 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 5112 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 5112 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 5112 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5088 wrote to memory of 3728 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5088 wrote to memory of 3728 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5088 wrote to memory of 3728 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 932 wrote to memory of 4512 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 932 wrote to memory of 4512 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 932 wrote to memory of 4512 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 4468 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 4468 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 860 wrote to memory of 4468 860 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 4840 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 4840 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 2036 wrote to memory of 4840 2036 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5088 wrote to memory of 628 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5088 wrote to memory of 628 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5088 wrote to memory of 628 5088 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 4332 wrote to memory of 1708 4332 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 4332 wrote to memory of 1708 4332 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 4332 wrote to memory of 1708 4332 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5112 wrote to memory of 4604 5112 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5112 wrote to memory of 4604 5112 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 5112 wrote to memory of 4604 5112 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 932 wrote to memory of 2432 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 932 wrote to memory of 2432 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 932 wrote to memory of 2432 932 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 3728 wrote to memory of 1832 3728 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 3728 wrote to memory of 1832 3728 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 3728 wrote to memory of 1832 3728 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 4512 wrote to memory of 220 4512 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 4512 wrote to memory of 220 4512 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe PID 4512 wrote to memory of 220 4512 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe 199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe
Processes
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2036 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:860 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:5088 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3728 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:1832
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:5720
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:6992
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"8⤵PID:11180
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"8⤵PID:14276
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"8⤵PID:21024
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:8624
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"8⤵PID:16444
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"8⤵PID:10916
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:11412
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:15660
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:21068
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:6608
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:10592
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:14460
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:19932
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:7636
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:15596
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:21060
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10632
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14328
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:19756
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:5448
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:6860
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:12332
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:16688
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:11064
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:8496
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:16808
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:11656
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:11100
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:15196
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:20240
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6192
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:9392
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:3564
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13220
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:17628
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:7656
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13636
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:19320
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:9832
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:8564
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13380
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:19280
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:628
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:5640
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:6896
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:10940
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:15008
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:19908
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:8568
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:16552
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:4100
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:11196
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14264
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:20984
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6348
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10564
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14316
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:19848
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:7936
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13396
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:19132
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10272
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13952
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:620
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:5308
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6300
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10032
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:20104
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13660
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:8384
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:7928
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13748
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:8916
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10280
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13936
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13184
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6124
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8920
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:17876
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:11796
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16324
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:15860
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7356
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13436
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:19212
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:9472
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18824
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:13236
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:18176
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4332 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:1708
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:5656
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:6880
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:11820
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:16216
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:13316
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:8548
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:16540
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:11048
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:11404
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:15480
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:21048
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6384
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10092
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:20392
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13784
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:7296
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:7988
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14116
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:19636
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10292
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:6552
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14108
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13072
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:5424
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6640
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10716
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14412
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:20056
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8228
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:16432
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10828
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10724
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14484
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:20080
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6172
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:9344
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:18768
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12572
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16784
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7516
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:2408
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18060
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:9812
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12688
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:13388
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:19144
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:4468 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:5272
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:5180
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:9124
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:18168
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:11908
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:16376
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:4444
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:7288
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13304
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:18048
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:9352
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:18408
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12720
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:17412
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6092
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8556
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:16680
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:11292
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:11424
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16008
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:21192
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7252
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13140
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:17908
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:8852
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18228
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12108
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:16596
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:21568
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:5148
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6028
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:9104
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:18184
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12100
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16580
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:21788
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7220
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12656
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:4504
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:9220
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18236
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12388
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:17224
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:18068
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:5856
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7600
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12856
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18808
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:9840
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8452
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:13576
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:2988
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:6964
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12740
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:17420
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:8632
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:16452
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:11136
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:11508
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:15776
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:21092
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:932 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4512 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:220
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:5712
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:6888
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:10956
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:15028
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:14104
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:8520
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:2484
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"7⤵PID:11608
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:11108
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:2604
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:21032
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6616
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10576
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14308
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:19748
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8208
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:15492
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:21040
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10640
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:2404
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:19916
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:5580
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6844
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10832
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14896
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:13320
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8504
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:16572
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10912
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:11204
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:15156
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:21012
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6232
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10252
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13928
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12340
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7676
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13668
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:4812
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10220
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14216
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:13872
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:8428
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:2432
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:5664
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6872
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:11124
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:15168
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:21004
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8612
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:17096
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:22228
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:11580
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:15752
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:21084
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6576
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10700
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14492
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:20356
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7724
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16392
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10616
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10656
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:14468
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:2212
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:5364
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6852
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10948
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13820
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:20960
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:8488
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16520
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:21684
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:11116
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:14748
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:20976
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:6148
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:9360
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18380
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12884
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:17580
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:7648
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:13404
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:19152
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:9848
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10420
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:13540
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:19272
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:5112 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:4604
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:5700
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:6920
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10964
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14996
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:14196
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8528
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:16816
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10936
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:11212
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:15668
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:21100
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6600
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10556
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:3952
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14220
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:19628
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7548
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16408
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10980
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10664
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:14556
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:20096
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:5332
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6568
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10648
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14476
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:20088
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:8084
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13676
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:17684
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10468
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:14060
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12988
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:6156
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:9640
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18792
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:944
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:18816
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:7552
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:13364
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:19204
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:9824
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:19924
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:13548
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:19312
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵
- Suspicious behavior: EnumeratesProcesses
PID:4840 -
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:5224
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:6020
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:8252
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:2340
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"6⤵PID:10600
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:10920
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14988
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:19792
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7212
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:12828
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:17676
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:9176
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:18348
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12116
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:14824
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10788
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:5920
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:7908
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:13740
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:19004
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10348
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:14768
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:13944
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:17624
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:7072
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10972
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:14696
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:20992
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:9012
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:16800
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:11232
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:11804
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:2684
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:16944
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵PID:5136
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:6048
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:8236
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:16588
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"5⤵PID:20472
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:10928
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:15180
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:3384
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:7244
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12924
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:17636
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:9184
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:17432
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:12092
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:16672
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:21576
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵PID:5844
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:7264
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:12904
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:17588
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:9448
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"4⤵PID:18416
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:12896
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:17656
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵PID:6972
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:11752
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:16400
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:10756
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵PID:8536
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:16512
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"3⤵PID:10772
-
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵PID:11592
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵PID:16032
-
-
C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\199500c3d34a43f4dbbb5cc35beff8c0_NeikiAnalytics.exe"2⤵PID:21200
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=1308,i,6593821857742176458,13646536021844995125,262144 --variations-seed-version --mojo-platform-channel-handle=4020 /prefetch:81⤵PID:1156
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\blowjob lesbian sleeping .rar.exe
Filesize1.0MB
MD56455d2209dc48dda444cd6faf7b7afc3
SHA1f3cb1356e43072929b9a0c99a01d054a18149c19
SHA25607101fdb5f3460f30d08f7b95d17a9c7a42b9f2547c9d8ad98387b9215a103df
SHA512e5c371d6b6b347612fb6f41f567a2600c5d0795570a5ca6bb850e1b4b890d825748d1df9f9b6b1a5dc6f29e1daac12cd6df3303f682865369e2b2e4dd1232529