82819f447e7c36c87f019bd0168341894462665936d34be211ebaff9d4fd6bf3

Analysis

max time kernel
150s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
07/06/2024, 23:16

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
Size

79KB
MD5

75e7cad8dd4abc1c5f3b52aa59bf5e30
SHA1

8a0a0cc11fba33ce5f504c8699d8e19275443d7f
SHA256

82819f447e7c36c87f019bd0168341894462665936d34be211ebaff9d4fd6bf3
SHA512

b3627f76d2dcfb465b4c48d1de05f513ce521e6f7a49b79f830f2ced66c0600cebf0a4683e6620d231c6df6bc3ba892a0577a152e2b252c1a6548718f1e0350a
SSDEEP

1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6wt7tUyCUyCZ:6e7WpP9oVLQthbYY9oVLQthbUrt7t44Z

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (1009) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-BR.pak.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_notes-txt-background.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\icudtl.dat.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Thimphu.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\java.policy.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mshwLatin.dll.mui.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\TitleButtonIcon.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\pack200.exe.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\button-highlight.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\chrmstp.exe.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ru.pak.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\zh-CN.pak.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrdeush.dat.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\selection_subpicture.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoCanary.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Noumea.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipRes.dll.mui.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\meta-index.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfont.properties.ja.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_ButtonGraphic.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jli.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.war.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_ButtonGraphic.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\ja-JP\msader15.dll.mui.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Adak.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\ea-sym.xml.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\uk-UA\tipresx.dll.mui.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\de.pak.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nipigon.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\PST8PDT.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\PipeTran.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\IpsMigrationPlugin.dll.mui.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_MATTE2_PAL.wmv.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Rarotonga.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Magadan.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32r.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_200_percent.pak.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipschs.xml.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msador15.dll.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\jawt.h.tmp	75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\75e7cad8dd4abc1c5f3b52aa59bf5e30_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2892

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
80KB

MD5
d2135718015d668eaede83f13dbc7c79

SHA1
c90992ccf643820b384b9f991781015708d1778d

SHA256
abf2a9eb91d19bc0abf168171f756a99ed4d6bcff0d486f915bed6327b400cf0

SHA512
85fe6230fb7f69e0f204eae448c9e1ef4fa8900eecca674cd41af70fff13aad0a551a3639d051a2e5c2d616e1c1593f265aaa50b85bdaf2b2357296d66b224e3

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
89KB

MD5
564cd00e7a19f8931cb26fec4113a845

SHA1
45aa97889149a9d25f41f9334759fb45dcfaecf4

SHA256
3ed778dbbc0cc520a636dd377bb1b8c98bf2516d6d9b1c83ef9618902be0259f

SHA512
405730073845ee416f34920221dc4688c8172e214b94e9d107dfde6d6752e6c1594f884b6b68177037e28b5f2d62f98db0f427c76cc2cb83f2e4d5b42a11ac6e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads