4da3b705a1ab47138b1e98ea07a3c7cae55bc98abf97d59b3a135b5500123a5f

Analysis

max time kernel
131s
max time network
126s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
05/06/2024, 09:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
Size

91KB
MD5

4e85b255f1121f1903b45ffc0c9fe960
SHA1

67cd962e36af630001ca4e89d175d456eb946e68
SHA256

4da3b705a1ab47138b1e98ea07a3c7cae55bc98abf97d59b3a135b5500123a5f
SHA512

11096734bc0c39800b0bad0f41b2dae2fc50a736c34d599b3c97bd471c0deee49c44d9d67b5e2af6331f3ec1b4562b963c090b6f0378379105c2adbb8ab0d316
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/ejJZJ7r7raRHBRHn:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0zK5

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3442) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chicago.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui.ja_5.5.0.165303.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_shout_plugin.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_fr.properties.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_SelectionSubpicture.png.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Swift_Current.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.RunTime.Serialization.Resources.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_duplicate_plugin.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hu.txt.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setEmbeddedCP.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Mazatlan.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\http.luac.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\FlickLearningWizard.exe.mui.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\java.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Almaty.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\sqlxmlx.rll.mui.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nl.pak.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Rangoon.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Maldives.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt_0.12.100.v20140530-1436.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-progress_zh_CN.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_gloss-wave_35_f6a828_500x100.png.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es.pak.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui_4.0.100.v20140401-0608.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Yakutat.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Pohnpei.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\it-IT\ChkrRes.dll.mui.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tk.txt.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sr-Latn-CS\tipresx.dll.mui.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\etc\visualvm.conf.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-api.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\UIAutomationTypes.resources.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtospdif_plugin.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsprofilerui.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\jni_md.h.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore_2.10.1.v20140901-1043.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\MainMenuButtonIcon.png.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\uarrow.gif.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\sunmscapi.dll.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets.tmp	4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\4e85b255f1121f1903b45ffc0c9fe960_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
91KB

MD5
b515ee8a75a6233f81b849f0b041056a

SHA1
491fe2a907a6c93334bbb4f87ec96dfc16dc47aa

SHA256
5f0bf2b1fee3a50491242c3dda904da14655b6bfe82445a2041069854156d72d

SHA512
86163a9c9f67019a90df6c5f323ac786cac178a63380a99e74cf35a36e6b98ac422115557069faadff1575de94fa4ce4a426733a06aee74fc785969d9f53073a

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
100KB

MD5
b51502ce71c1950a2cc5b0f56d764409

SHA1
82a59bfd58a34954955871e09e0d671df41bbbb3

SHA256
0ca6d9279eb2979fea309eee6b1d22916cc84798382503f3d2e0e2959218e503

SHA512
cd4d90d5656c39314d9f2428cd15bdfe5c684afb2da0aeacc16c43ae7ef5a758f58d17d50addb6f645e0681273aa7888f8e02cf4711704d037765f673850f2b5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads