3aad22ccc512fa146f55b3d208cb604d59f66ecee1a8ed2dd7c311a166717042

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
04/06/2024, 03:07

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
Size

135KB
MD5

25721877fb43b9ae5c714b9d45116fd0
SHA1

40df65d02772df3b62383e134aea5fb9768f9be8
SHA256

3aad22ccc512fa146f55b3d208cb604d59f66ecee1a8ed2dd7c311a166717042
SHA512

52accceaa9fbe7aa91c2b7946bf49462acfbae1a348e4979d14c3f27e32334ec38dfe39934b95f2961c34032a84f2b07f61be588deb646eb86fbdec78202f863
SSDEEP

3072:6e7WpHIyRF9ESWu0SWuDmhSauvEKxVTLJtxoVz8FUDrYYaCusjdEKxVTLJtxoVzj:RqlIyFESWu0SWuGSwxo

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3432) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_pt_BR.properties.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\Microsoft.Build.Engine.resources.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_widescreen_Thumbnail.bmp.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\images\bing.ico.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrenalm.dat.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsprofilerui.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-lib-uihandler_zh_CN.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\ShapeCollector.exe.mui.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\OmdProject.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\GetExpand.png.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\unpack200.exe.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.properties.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jp2launcher.exe.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\NEWS.txt.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bishkek.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libfluidsynth_plugin.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sr.pak.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.zh_CN_5.5.0.165303.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\co.txt.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javaw.exe.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotiondetect_plugin.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_cycle_plugin.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Madrid.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmpgv_plugin.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\librawdv_plugin.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Monrovia.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.filesystem_1.4.100.v20140514-1614.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\dcpr.dll.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred.xml.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipBand.dll.mui.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-coredump.xml.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Belem.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-javahelp_ja.jar.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\ShvlRes.dll.mui.tmp	25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\25721877fb43b9ae5c714b9d45116fd0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
135KB

MD5
e5c5ce29949de091cd0e48a33280444c

SHA1
12b69b69320fbd99f654b0a3f6092396e4944f45

SHA256
d796ca884b84f23f2a72fa27422986e40d70b12b8c4e207d9f810739d66c2af4

SHA512
a3bb27fe4ef89cdff2e3277f46f2f96a8a87bc31ad4ac9001aaf45b5e88951e3e50c460401e8a965f64de377e08ea1f1ef1a47f15fb9bae50c12cb93533265dd

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
144KB

MD5
1034a91e8f7199342cda2293b6b0dda3

SHA1
37e270f3d3c7c1df89bd3d23ab7f37ba67daf702

SHA256
11f4b8c945c8244e804a4178033ef639e57b21502d177a2f527d871a9d554eb4

SHA512
5f8945ead071e42271d07dcce77447ec405685349f6391bbb142503ce2ff9950590041063e3b08e668fff4574bc7ec781ac2dd26743e92b47644453908977858

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads