c51a509bb6c055985dd705a27853d7f24ee7a626b2c846ccaee02b7485238b35

Analysis

max time kernel
150s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
07/06/2024, 05:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
Size

84KB
MD5

3c7d7b9e09c8b3b714e21494b656e4e0
SHA1

8b6a35bd40b2f63bf979d85fb9ebf8a7b9ee6290
SHA256

c51a509bb6c055985dd705a27853d7f24ee7a626b2c846ccaee02b7485238b35
SHA512

9c9dc822c9c70518aadc4f902f493ea7739102335246056429095d49d3f9ab25683fe1cb95f86ad38d49ca1ce8abf2bdb4fc5e2a8bf8773bdbe2d7fad2bca7cf
SSDEEP

1536:W7ZDpApYbWjIlE77ufL2e+efZwZQ/8S/8eyq:6DWpwE7oL2e+efZwZ08i84

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (811) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\de-DE\DVDMaker.exe.mui.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\xjc.exe.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\NavigationButtonSubpicture.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\DumontDUrville.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\eula.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols.xml.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Filters.xml.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy.jar.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipTsf.dll.mui.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_select-highlight.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\v8_context_snapshot.bin.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-next-static.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java_crw_demo.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrespsh.dat.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\D3DCompiler_47.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado25.tlb.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsource.ax.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIconSubpict.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadrh15.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tabskb.dll.mui.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadds.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Dot.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InputPersonalization.exe.mui.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ka.txt.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\lv-LV\tipresx.dll.mui.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\instrument.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_HK.properties.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsnld.xml.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\wab32res.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiItalic.ttf.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nl.txt.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwgst.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\msdasqlr.dll.mui.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7-zip.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\micaut.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\button-highlight.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_pwa_launcher.exe.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadomd.dll.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationLeft_ButtonGraphic.png.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\tipresx.dll.mui.tmp	3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3c7d7b9e09c8b3b714e21494b656e4e0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-330940541-141609230-1670313778-1000\desktop.ini.tmp

Filesize
85KB

MD5
4d4970ed6360f20c89c387f12231fce6

SHA1
3f08677b77a6f727fd0b18dcf0883fdb8c08d541

SHA256
30a4ce238831d12b6bd49d1f07487d7006f1354b81dba0659bcbfa6087e619be

SHA512
d332169f3372a202c1b468159b5df8da52fe09d435e1703bb20c920e5166740a25b0636579b27c8f08f282738120322d958167f45c75f896f20a5dfb2b96c1f6

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
94KB

MD5
4ff7b36f7cc7f72f2edbf7710b0723ea

SHA1
4d5b8c23cf754814483b275076de8d1e7fca76e2

SHA256
8db0aeaef28a2cee1f3a37ccf427fd2a7193ac09cd47b0657c23ee3e62b304b6

SHA512
4758691fa7683395ae20b9fdcd3dcc72f2d0974f0fc092358c2b60d84d38d44eb765942145d5cebb13693086377b8c278a85bcec4ab4d75583ce34e9361bb04f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads