Analysis
-
max time kernel
149s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system -
submitted
08/06/2024, 03:24
Behavioral task
behavioral1
Sample
87cf19364e1beb4c56e55433685094f0_NeikiAnalytics.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
87cf19364e1beb4c56e55433685094f0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
87cf19364e1beb4c56e55433685094f0_NeikiAnalytics.exe
-
Size
227KB
-
MD5
87cf19364e1beb4c56e55433685094f0
-
SHA1
acc9075cd32ec40eaea75cb7541190553dd13976
-
SHA256
46f36c8515b245e355c5220e1c9f3c5a76b3326157db78881ee745fd367c6aa9
-
SHA512
ddaa0a8c2ed6b8a5f880c48b5b4567389d1dc49349528b1a4fe53e26b8117203dc38ec4a758c27f7736cc20d96a624592a86b0503ac3b699f7ee9ac062917c79
-
SSDEEP
3072:+nyiQSo1EZGtKgZGtK/PgtU1wAIuZAIuYch93g+gfFpsJOfFpsJE:JiQSo1EZGtKgZGtK/CAIuZAIuH3Q
Malware Config
Signatures
-
Renames multiple (3160) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
resource yara_rule
behavioral1/memory/992-0-0x0000000000400000-0x000000000040B000-memory.dmp upx
behavioral1/files/0x000c000000012279-2.dat upx
behavioral1/files/0x000200000001048e-6.dat upx
behavioral1/memory/992-540-0x0000000000400000-0x000000000040B000-memory.dmp upx
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
227KB
MD5
870b5e1ad651468c9944ec08b631eca2
SHA1
8e13fbbd9f51bb1be6be7649ae4941a4be4349b5
SHA256
3f2b5e8a320a42ed51dfab57f7df477b238ebe45e1cfdc8c5deaf6222b6eaee4
SHA512
dbac980f040229917fb615cfd47c94b94d1dc1ab4461d3b331edf0343ac9f7cd0af1f985c1f158a5120014258beae0420fa4fb09447dd46e648bccc86b0372c0
-
Filesize
236KB
MD5
86b4c42083c42e49d7b253ccc64350af
SHA1
88b127f84c4c340a75710f7872e7f37d098975cb
SHA256
8e82e28bb7770c1eaf4d5c7b4aea9756ff105d416c52071cbb348ca273360c2b
SHA512
2122c9e9c87c24c3b5a0a668bc98e60acede1a4b9ee19b51d46ae4fcf4658b8435e8a2b08802d4372a353e2468bd4de89dbe5551a768c41458394314992c6552