Analysis
-
max time kernel
150s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
08/06/2024, 02:33
Static task
static1
Behavioral task
behavioral1
Sample
843480470fed5b86d265b2d870e7f1c0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
843480470fed5b86d265b2d870e7f1c0_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
843480470fed5b86d265b2d870e7f1c0_NeikiAnalytics.exe
-
Size
73KB
-
MD5
843480470fed5b86d265b2d870e7f1c0
-
SHA1
7bd5c5f4b4596b0977baa6cf5650fb5484675c4b
-
SHA256
88b798c89aa7465de3a0ed03b2a12a56acb415dbe56f535cb16a16d2e4aa680c
-
SHA512
84e05d47ae6955e59caee32b3caa121000041ab0d2c5f7f11f3b7258d1b24f0e9055678ae32c340302c716b23315e2548e83209ccde6abbba00522e28c7a95f7
-
SSDEEP
1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEht:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsE
Malware Config
Signatures
-
Renames multiple (1024) files with added filename extension
This suggests ransomware activity, encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Downloads
-
Filesize
73KB
MD5
70cd9689e9702bc7a285fedc160b64f2
SHA1
a0cf1f63a62bc314d2890a5166052ddbb1d3fa60
SHA256
77128f906d1dc7d4a5ceb4559ae421fbb93ac7b2050dfcf471672dff28074bc9
SHA512
c543f6a1299ab0e6d81a2a84aeb9c0db3cfacd0f03c4b48068111633e13df66d1d90fd0f0d6e6c6a3e296043f92afdebdeedfd383e1efe5f5d4284f86228004b
-
Filesize
82KB
MD5
25a97bf5a0db18c81ed21dd9c684108b
SHA1
32878ed13d692965280c389f24f3da8cbea9c0e9
SHA256
b219ab214f0fac113a22f6004680d94a8fe67539725ac859e529cdd3f9bb63ab
SHA512
6ad629568875543296f4ec0a9f7fd3be8027a5c572c2aacc619cf333c40ae56a15ee6d98a6e6a890845e0e3f4e0fe075bf9ac88515c66478fa5523e08ffed964