Analysis
-
max time kernel
16s -
max time network
131s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
04-06-2024 01:42
Behavioral task
behavioral1
Sample
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe
-
Size
1.2MB
-
MD5
1e19a78f0fa3e99ac59a4af813ff2310
-
SHA1
ce109a7a27c5e214cf966685c4093537149b3e2d
-
SHA256
c2b9cac42d21f842b0d39f757eb10dd0222c9cb42927d6ce354d55161b698d99
-
SHA512
0fa63aa272bd23430ea17e18455a4787d0b1f373d80c06ffac34305520b9036e0084de9adcdfd9945e2eda08e387f8bc980c9c1b5f1b06a3c17652482eb22c67
-
SSDEEP
24576:V4KO2Rlnp0IJCUfn9JJY7drxivX7ZjEQaz88iJKju:aSnpvJCUVJyhrxErZHBcu
Malware Config
Signatures
-
Checks computer location settings 2 TTPs 16 IoCs
Looks up country code configured in the registry, likely geofence.
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exedescription ioc Process Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe Key value queried \REGISTRY\USER\S-1-5-21-711569230-3659488422-571408806-1000\Control Panel\International\Geo\Nation 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe -
Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
-
Processes:
resource yara_rule behavioral2/memory/1592-0-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/files/0x00070000000233da-5.dat upx behavioral2/memory/1808-71-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1248-154-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2388-155-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2676-182-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2984-181-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2868-183-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3716-184-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4404-185-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1592-186-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/228-188-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1808-187-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2000-190-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1248-189-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4256-193-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2388-192-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1592-191-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2676-194-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5040-195-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/1608-198-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4844-200-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2980-205-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4404-204-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2784-203-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4552-202-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2884-199-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4592-201-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2212-207-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4548-206-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3364-197-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3716-196-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/228-208-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/760-210-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2000-209-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2476-212-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4256-211-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3012-217-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2960-216-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5040-218-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5248-225-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5144-229-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5136-228-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4844-227-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2444-224-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2756-223-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/3364-222-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4836-231-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2980-232-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2784-230-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/2212-233-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5240-239-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/4760-240-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5988-245-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5320-247-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/6192-252-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/6176-251-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/6228-255-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/6220-254-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/6424-260-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5176-259-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/6244-258-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/6236-257-0x0000000000400000-0x000000000041E000-memory.dmp upx behavioral2/memory/5168-256-0x0000000000400000-0x000000000041E000-memory.dmp upx -
Adds Run key to start application 2 TTPs 1 IoCs
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exedescription ioc Process Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe" 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe -
Enumerates connected drives 3 TTPs 23 IoCs
Attempts to read the root path of hard drives other than the default C: drive.
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exedescription ioc Process File opened (read-only) \??\N: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\T: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\X: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\A: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\B: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\J: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\K: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\E: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\H: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\Q: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\V: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\M: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\O: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\P: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\U: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\S: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\W: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\Y: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\Z: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\G: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\I: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\L: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File opened (read-only) \??\R: 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe -
Drops file in System32 directory 12 IoCs
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exedescription ioc Process File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\norwegian xxx sleeping (Sonja,Sylvia).avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\asian cum big .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\indian bukkake cum voyeur ejaculation (Melissa,Ashley).avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\animal catfight black hairunshaved .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\System32\DriverStore\Temp\swedish beastiality public titts shoes .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\System32\LogFiles\Fax\Incoming\chinese lesbian girls 40+ .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\IME\SHARED\russian animal hot (!) .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\cum [bangbus] boots .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\danish blowjob hidden leather (Melissa,Jenna).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\spanish nude hidden penetration (Jade,Liz).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\config\systemprofile\nude masturbation legs gorgeoushorny .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SysWOW64\FxsTmp\tyrkish cum big bedroom (Gina).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe -
Drops file in Program Files directory 19 IoCs
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exedescription ioc Process File created C:\Program Files\Microsoft Office\root\Templates\french handjob big vagina (Christine).zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\Windows Sidebar\Shared Gadgets\beastiality beastiality hot (!) hairy .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\trambling bukkake [free] .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\action sleeping glans .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\xxx masturbation hole sm .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\german blowjob bukkake catfight cock .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\french xxx horse uncut (Jade,Christine).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\Temp\horse hardcore masturbation YEâPSè& .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\african horse public nipples .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\indian lesbian hidden castration .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Common Files\Microsoft Shared\japanese bukkake action big glans girly (Sonja).zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Update\Download\swedish lesbian bukkake girls leather (Kathrin).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Microsoft\Temp\EU9470.tmp\lesbian beastiality sleeping .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\Common Files\microsoft shared\brasilian sperm licking (Karin,Sandy).avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\dotnet\shared\malaysia action [milf] circumcision (Sylvia,Jenna).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\african beastiality licking granny .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files\Microsoft Office\Updates\Download\french cumshot nude full movie 50+ .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\blowjob big swallow .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Program Files (x86)\Google\Temp\beast action catfight titts mature (Melissa).avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe -
Drops file in Windows directory 64 IoCs
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exedescription ioc Process File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.84_none_81616275259e37fe\french cum xxx [bangbus] (Gina).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.844_none_855aff45853749ef\indian handjob lingerie lesbian ash redhair (Jenna).rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1288_none_ca3007304990b2ea\malaysia fetish handjob licking leather (Jenna,Samantha).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_e79b400a6df5fd2c\xxx masturbation girly .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\norwegian cum [milf] stockings .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_62312bfbb33d478a\indian blowjob action uncut .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_it-it_4c5922428a6f2d08\indian sperm licking (Jade).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.1_none_c6da8048542fddc7\african lingerie uncut feet .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.1_none_9aa486d790131d4e\hardcore hot (!) glans swallow .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\fetish public boobs fishy .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\swedish beastiality fucking hot (!) redhair .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\PLA\Templates\british beastiality hot (!) .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\black blowjob uncut bondage .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_b1ffa0e7b4ed03e2\gang bang voyeur bondage (Sandy).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\blowjob hot (!) lady (Ashley,Sylvia).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\horse nude catfight legs latex .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1_none_0b596e2a33be7d4c\kicking several models (Sarah,Samantha).rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\spanish fucking catfight shower (Tatjana,Janette).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_5af076e0a3cb0fa7\norwegian horse [milf] cock balls (Sandy,Jenna).rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SystemResources\Windows.UI.ShellCommon\SharePickerUI\swedish gang bang porn [bangbus] (Curtney).avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\gang bang gang bang lesbian hole (Jenna).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\french cum several models redhair .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\chinese gang bang gang bang big (Janette,Tatjana).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_10.0.19041.1_none_4c786ae2f508e6d5\animal trambling hot (!) latex .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-mccs-engineshared_31bf3856ad364e35_10.0.19041.1_none_abfc9db6c377b91f\fetish sleeping sm .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\assembly\tmp\horse cumshot lesbian .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\danish beast beast sleeping bedroom .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_en-us_bfae5918c0443f83\italian animal sleeping .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\french beastiality sperm full movie leather (Sylvia,Sandy).zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.1_none_f42978969c79336a\brasilian beastiality lesbian voyeur bondage .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_de-de_881b257d159a5de8\asian beastiality [free] redhair .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\chinese horse horse lesbian .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.746_none_ab42fb092bda9182\kicking full movie (Sonja).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_adfc5e0bfca53431\asian fucking cumshot full movie hole (Christine,Ashley).zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.867_none_c29826784f9429f8\malaysia lingerie fetish big leather .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.572_none_cf90e12518baac85\italian sperm lesbian public titts hairy (Ashley).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_fd7349c396c417ae\hardcore hardcore [free] ash .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ces-ime-eashared-lm_31bf3856ad364e35_10.0.19041.1_none_3d0229d17c310f10\asian fucking animal hidden .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\gang bang several models vagina penetration .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\assembly\temp\italian blowjob bukkake big .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\templates\japanese bukkake bukkake masturbation glans boots (Christine,Britney).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.1_none_a80cea873b2a6772\horse [milf] hole young .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..se-shared-datafiles_31bf3856ad364e35_10.0.19041.1_none_2f5f00d280dce9f6\danish horse hidden legs mistress .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1_none_3cfd44d351b1a8ab\indian kicking [milf] .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\japanese blowjob horse public mistress .rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\kicking [milf] mature .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.1_none_833abdc06c68d338\nude hidden vagina stockings .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\beastiality gay hot (!) shower (Sonja).mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\british action licking legs Ôï .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.746_none_2212358fc33cc10f\beastiality horse full movie upskirt (Christine).rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\horse xxx [bangbus] glans .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\Downloaded Program Files\italian cum several models high heels .mpg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\ServiceProfiles\NetworkService\Downloads\horse cum big fishy .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\italian cum uncut shower (Janette).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\french xxx beast uncut ash hotel .zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.1_none_fa09f84703cb02c5\norwegian handjob lesbian catfight young (Jenna).zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_89c0bf1761110f07\chinese lingerie handjob public legs 50+ .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\beast blowjob [milf] (Sonja).zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\danish fetish voyeur .avi.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\SoftwareDistribution\Download\SharedFileCache\malaysia action beastiality voyeur ¼ë .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\canadian lingerie hot (!) gorgeoushorny .mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_ee7ea14f7d8a3ee3\american animal fucking voyeur (Sonja).zip.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.1_none_a7ad1894592cfa12\porn lesbian mistress (Tatjana,Melissa).rar.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe File created C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.1266_none_7916f7558927ae23\danish bukkake porn masturbation (Kathrin).mpeg.exe 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe -
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious behavior: EnumeratesProcesses 64 IoCs
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exepid Process 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 3716 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 3716 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2884 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2884 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1608 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1608 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4552 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4552 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4404 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4404 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4548 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4548 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 228 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 228 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2000 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 2000 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 3716 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 3716 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4256 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 4256 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe -
Suspicious use of WriteProcessMemory 64 IoCs
Processes:
1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exedescription pid Process procid_target PID 1592 wrote to memory of 1808 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 84 PID 1592 wrote to memory of 1808 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 84 PID 1592 wrote to memory of 1808 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 84 PID 1808 wrote to memory of 1248 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 87 PID 1808 wrote to memory of 1248 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 87 PID 1808 wrote to memory of 1248 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 87 PID 1592 wrote to memory of 2388 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 88 PID 1592 wrote to memory of 2388 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 88 PID 1592 wrote to memory of 2388 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 88 PID 1808 wrote to memory of 2984 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 91 PID 1808 wrote to memory of 2984 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 91 PID 1808 wrote to memory of 2984 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 91 PID 1592 wrote to memory of 2676 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 92 PID 1592 wrote to memory of 2676 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 92 PID 1592 wrote to memory of 2676 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 92 PID 1248 wrote to memory of 2868 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 93 PID 1248 wrote to memory of 2868 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 93 PID 1248 wrote to memory of 2868 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 93 PID 2388 wrote to memory of 3716 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 94 PID 2388 wrote to memory of 3716 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 94 PID 2388 wrote to memory of 3716 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 94 PID 1808 wrote to memory of 2884 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 97 PID 1808 wrote to memory of 2884 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 97 PID 1808 wrote to memory of 2884 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 97 PID 1592 wrote to memory of 1608 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 96 PID 1592 wrote to memory of 1608 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 96 PID 1592 wrote to memory of 1608 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 96 PID 1248 wrote to memory of 4592 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 98 PID 1248 wrote to memory of 4592 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 98 PID 1248 wrote to memory of 4592 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 98 PID 2984 wrote to memory of 4552 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 99 PID 2984 wrote to memory of 4552 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 99 PID 2984 wrote to memory of 4552 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 99 PID 2676 wrote to memory of 4404 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 100 PID 2676 wrote to memory of 4404 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 100 PID 2676 wrote to memory of 4404 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 100 PID 2868 wrote to memory of 4548 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 101 PID 2868 wrote to memory of 4548 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 101 PID 2868 wrote to memory of 4548 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 101 PID 2388 wrote to memory of 228 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 102 PID 2388 wrote to memory of 228 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 102 PID 2388 wrote to memory of 228 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 102 PID 3716 wrote to memory of 2000 3716 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 103 PID 3716 wrote to memory of 2000 3716 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 103 PID 3716 wrote to memory of 2000 3716 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 103 PID 1808 wrote to memory of 4256 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 104 PID 1808 wrote to memory of 4256 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 104 PID 1808 wrote to memory of 4256 1808 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 104 PID 1592 wrote to memory of 2476 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 105 PID 1592 wrote to memory of 2476 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 105 PID 1592 wrote to memory of 2476 1592 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 105 PID 1248 wrote to memory of 2960 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 106 PID 1248 wrote to memory of 2960 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 106 PID 1248 wrote to memory of 2960 1248 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 106 PID 2984 wrote to memory of 3012 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 108 PID 2984 wrote to memory of 3012 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 108 PID 2984 wrote to memory of 3012 2984 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 108 PID 2676 wrote to memory of 3364 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 109 PID 2676 wrote to memory of 3364 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 109 PID 2676 wrote to memory of 3364 2676 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 109 PID 2868 wrote to memory of 5040 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 110 PID 2868 wrote to memory of 5040 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 110 PID 2868 wrote to memory of 5040 2868 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 110 PID 2388 wrote to memory of 2444 2388 1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe 111
Processes
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1592 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1808 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1248 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2868 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4548 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:2968
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:5320
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"8⤵PID:9500
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"8⤵PID:14040
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"9⤵PID:17844
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"8⤵PID:15284
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:7804
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"8⤵PID:11596
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:10328
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:14728
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:16184
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:5136
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:7108
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"8⤵PID:13472
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"9⤵PID:12960
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"8⤵PID:3584
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:8936
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:12596
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:4024
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:6664
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:11616
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:7764
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8472
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:6764
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:18324
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11816
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:1128
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5040
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:6192
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:9344
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:12688
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:16328
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:7916
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:11796
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10476
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:14952
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:16164
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5184
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8248
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:4212
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11404
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:4408
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6892
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:12004
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8016
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8908
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10048
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:19768
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:11668
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8308
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4592 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:2980
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:6424
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:9936
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:13464
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:4120
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:7948
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:6296
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10644
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:2420
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5156
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8028
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:1616
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10984
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:6632
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6800
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:12240
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:9640
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8916
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:16708
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:11856
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:10188
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:2960
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6244
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11252
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:4876
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7888
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:5616
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:10576
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:1624
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5224
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9336
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12680
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:4500
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5684
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:13416
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:2812
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9880
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:13448
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:16144
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2984 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4552 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:2784
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:6236
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:9104
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:13636
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:4596
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:7796
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:8516
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:9240
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:14028
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:960
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5248
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:6656
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:11780
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:7912
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8520
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:10192
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11840
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:16224
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6584
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11260
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:12052
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8440
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10148
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:19692
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:11644
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7872
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:3012
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6176
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:9720
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:12924
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:5772
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7728
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11348
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:10372
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:432
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5216
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9400
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12704
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5272
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:6736
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:14868
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:16176
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9656
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:12728
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5640
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2884 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:2756
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6468
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:9928
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:13456
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:16136
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7172
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:3296
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:11144
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8824
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5192
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8840
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10028
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:19568
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12228
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:3156
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:6964
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:13648
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:4472
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9696
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:12932
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:2204
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵
- Suspicious behavior: EnumeratesProcesses
PID:4256 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5948
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9268
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12608
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5528
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:7348
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:14836
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:532
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9920
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:12380
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:3508
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:5240
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:8620
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6152
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:18340
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:11832
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:7272
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:7356
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:15164
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:16156
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:9944
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:13440
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:16200
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2388 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3716 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2000 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:760
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:5972
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:9312
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:12616
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:11080
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:7312
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:14072
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:3240
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:9896
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11504
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:5100
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5048
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:6648
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:12212
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:6912
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8432
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:3056
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:13676
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11636
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:7396
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6508
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10996
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:9332
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8276
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8544
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:11412
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9232
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:4844
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:6220
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:9732
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:12944
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:4224
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7896
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:3080
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:10484
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5788
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5176
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8708
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:888
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:18104
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12012
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5628
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:6880
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:13236
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:4088
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9152
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:1532
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12644
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:12316
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10556
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:228 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:4760
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5956
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:4232
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:12512
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:7860
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7584
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:15252
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:16152
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:1112
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:14956
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:4980
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:4732
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9576
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12672
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:16280
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:6852
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:14184
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:768
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9816
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:13420
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:16192
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:2444
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:6068
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9352
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12696
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5292
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:7816
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:11548
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10732
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5740
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:5200
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:8384
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7876
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:11604
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:3384
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:6308
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:11944
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10432
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:9296
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:12772
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:5744
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2676 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4404 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:2212
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5988
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:8872
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"7⤵PID:10156
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:12076
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:10820
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7644
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:11424
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:10464
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:14924
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:3596
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5144
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:7504
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:14828
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"6⤵PID:4516
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9360
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:13904
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5028
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:6792
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:11916
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:8196
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:8784
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9980
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5076
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10024
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:3364
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5884
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:9288
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:12556
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5892
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:7432
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:14844
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:3260
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9956
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:13432
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:2876
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:5208
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:9276
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:12568
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:5572
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:6848
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:13788
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:3252
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:9808
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:13192
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:64
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1608 -
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:4836
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:6228
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:10080
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:13728
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:3872
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:7880
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:1544
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10280
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:14944
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:4696
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:5168
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:7580
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:5652
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10456
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:3752
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:6856
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:12220
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:736
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:8884
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10016
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:2288
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:11744
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:940
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵PID:2476
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:5792
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:8612
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:1612
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"5⤵PID:18332
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:11824
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:4480
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:7100
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:11952
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:10780
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:8688
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:12420
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:10836
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵PID:5232
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:9000
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:1312
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"4⤵PID:12472
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:2684
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:8264
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵PID:6756
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:14192
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"3⤵PID:5060
-
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵PID:9788
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵PID:12952
-
-
C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\1e19a78f0fa3e99ac59a4af813ff2310_NeikiAnalytics.exe"2⤵PID:16132
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\african horse public nipples .mpg.exe
Filesize1.6MB
MD5de9388ae5763b969b3a47dc6dd157f5d
SHA16335ac89bdfd31de69540a670dc13f9223b275c5
SHA25652ab4f0bf9b1bc472fddd298f3851f230db0f1808caa5694cf16e48ecf6c3f1a
SHA512a0a8376bc1df926f0f8706868857baa772ffb158f7944c193689b97101c18a267481c6aeaad9096a0c39cf52b8545fb7b8deda7a7a5c8e94e8753d00ab83e7f1