21cee6ad9f6649746abb2a93507baf348dca80ab184f83e461e80c24d7ba328d

Analysis

max time kernel
112s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
06/06/2024, 18:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
Size

29KB
MD5

eaf29828e30926e47fc35b590f804050
SHA1

e82f4cdfc80dd31125d50f4fc260c7e3e7160c53
SHA256

21cee6ad9f6649746abb2a93507baf348dca80ab184f83e461e80c24d7ba328d
SHA512

a81307b6531b937feabd0b24d5bdd55b50fc36ece54f7a71653c086347825d65249db3def2b266b487f94d0b903d168eb2db78ef87eb95ed16eb6834b7a25ceb
SSDEEP

192:tACUADIY0Br5xjL/FAgAQmP1oynLb22vuN6GnN6G0JN:GBt7Br5xjL9AgA71FbhvuNBNqJN

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3055) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_SelectionSubpictureA.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\verify.dll.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Sofia.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\fr-FR\Minesweeper.exe.mui.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\fr.txt.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee90.tlb.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IPSEventLogMsg.dll.mui.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.ssl_1.0.0.v20140827-1444.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.http.jetty_3.0.200.v20131021-1843.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-modules-profiler_visualvm.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\ext\dnsns.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.dll.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\de.txt.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.Printing.resources.dll.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-background.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-spi-actions.xml_hidden.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Havana.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\La_Paz.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\F12.dll.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ms.txt.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Rainy_River.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Chatham.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\license.html.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\es-ES\WMM2CLIP.dll.mui.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Wallis.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.nl_zh_4.4.0.v20140623020002.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\bckgRes.dll.mui.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Services.Design.resources.dll.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\el.pak.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\content-types.properties.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Eirunepe.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\fr-FR\chkrzm.exe.mui.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.Targets.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-backglow.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jfxrt.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_SelectionSubpicture.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\chrome_proxy.exe.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Hovd.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbjvs.inc.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png.tmp	eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\eaf29828e30926e47fc35b590f804050_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1652

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
30KB

MD5
483716293014570e560d8ba8e5bd0613

SHA1
d332c4534e2ba0b7d7431dde68f2b70d16064f3a

SHA256
4140819857b9ff178e49fe963877f84a8586fdfbc1b8e425d568123495c22c10

SHA512
e6fd3f7f06c359a90043c5b39efff14e78dbbd9f4eacc4dea12bab0a38c48138df3510ac883beedf643ebbade73abe0d8f436149b42191e0aa70795445a12444

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
38KB

MD5
5f6477520c0fc74cf56955039a3546f6

SHA1
1a1c54efbe473caf925d330bd820907be82fa0d9

SHA256
c31289ac800e7990371c56164b57f86fc1b967ba427f6ab01cbdd5d9ba558afd

SHA512
473b656df321d7c3c9804b05c49bba2973c559ec14ac8cc2d671f67b7f8023e1a67903620d66258e717924b60bb97b1a3a8a1fb45e8e5d3807e9b5e40460f972

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads