Analysis
-
max time kernel
150s
-
max time network
120s
-
platform
windows7_x64
-
resource
win7-20240508-en
-
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
-
submitted
10-06-2024 23:42
Static task
static1
Behavioral task
behavioral1
Sample
1f7d83dc2d57d6722080cff5bb9f87d0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1f7d83dc2d57d6722080cff5bb9f87d0_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
1f7d83dc2d57d6722080cff5bb9f87d0_NeikiAnalytics.exe
-
Size
73KB
-
MD5
1f7d83dc2d57d6722080cff5bb9f87d0
-
SHA1
3f79ef7ade62ddcdd7a58352b3d773359157ef4f
-
SHA256
851b14dc3fd547dc22eca8d7aea17485e3decb6965d33c7a6978010eb921ba09
-
SHA512
ad0b363698eafeb4901bd0b492b7c9d1df3b41c671a4b233f1c899a2676f26a82952849a3fe87a02e735f6917123f45fbb621d79e6efa413daba88812de2b5ac
-
SSDEEP
1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76G:6e7WpP9oVLQthbYY9oVLQthbUvb
Malware Config
Signatures
-
Renames multiple (3784) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
73KB
MD5
71003bf916c7d8c93a4e305a5e907694
SHA1
1fd7c86997ab500c886114d7a607af670cc9c46e
SHA256
9004ec8caf7a5b67a596d029a3bad33a4df3d718047ed5fadd622147711eab06
SHA512
bde20f9dab9baa698f1cf3883334738a8dbdeb8f98d4aa7a196d27c5f0721f7ae3c982de62bcd64abbaddb6933cb548f4d99ccd46215644af5e99b2b019bbee2
-
Filesize
82KB
MD5
454b6b8a67766def685ea73b2ca371a4
SHA1
a3b1381c482c3e200f5abda440dcdf155ef03a1f
SHA256
516c958830e45e39f1993f6b3967e95da74e3305287bfb1b8704c9900368a7c3
SHA512
f4db75a48daa1291099e1520a00e570cea06fd0934ac1800ebd1fd5aec06ffd6f715e6fe344680bf41032814277773665340c24da6cc7fe2c9d48e63f1eec6f5