Analysis
-
max time kernel
149s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
08/06/2024, 04:49
Static task
static1
Behavioral task
behavioral1
Sample
8d214a7b06ee01e32323bd076aa72cb0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8d214a7b06ee01e32323bd076aa72cb0_NeikiAnalytics.exe
Resource
win10v2004-20240226-en
General
-
Target
8d214a7b06ee01e32323bd076aa72cb0_NeikiAnalytics.exe
-
Size
45KB
-
MD5
8d214a7b06ee01e32323bd076aa72cb0
-
SHA1
70294a00386af3a6d10f341ba91117b2e4c91945
-
SHA256
65014a87a5afd29fc8e2a175dfb9dda9375ecbb7eee6eb55e32b20518f55127b
-
SHA512
6e78c01c923422a3642446786af8ef465a83ba7c02293f967f3fc13e00e78af4cf87448f1ec5f08e6fbade6f267abc9b71a3900ab1455916fcba48291e40dbfc
-
SSDEEP
384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKriCZbQmJKUCZbQmJKV:W7BlpppARFbhWJoQmJKbQmJKV
Malware Config
Signatures
-
Renames multiple (3734) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads