04ef0657684665e012809188354c4a659c5a23e537ac75f7815b3f6d59c5825d

Resubmissions

10-06-2024 11:56

240610-n38v7shh6x 3

10-06-2024 11:53

240610-n2aa9ahg8s 9

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10-06-2024 11:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
Size

44KB
MD5

117bd28085d2185f59371b20cc24add0
SHA1

37343497c15e5e6da3b77aedcc753193946700d0
SHA256

04ef0657684665e012809188354c4a659c5a23e537ac75f7815b3f6d59c5825d
SHA512

b5ed674dbddb2fe2f7487f5e99d460ad339ba546d1f3bb625336177ff9c96c42fc9087d9187f61e97b363d4ecd80bf62c380310c627ce40cf841e05ab1b7850b
SSDEEP

384:GBt7Br5xjLMuLAgA71FbhvDl3DG71ul3DG71XUmUIYFt1zecDT1zecDb:W7BlpNLpARFbhblkYlkuvIYFWcDYcDb

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3747) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Entity.Design.Resources.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\libvlc.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libcrystalhd_plugin.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\MpRTP.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.xml.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.core.nl_ja_4.4.0.v20140623020002.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.webapp.nl_ja_4.4.0.v20140623020002.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Font\MyriadPro-It.otf.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\WMPDMC.exe.mui.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\calendar.html.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\osknumpad.xml.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\COPYRIGHT.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Regina.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\eng32.clx.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\DisableCompare.html.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnetwk.exe.mui.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\34.png.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_ja.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\picturePuzzle.css.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libaom_plugin.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\LICENSE.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Montevideo.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_m.png.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\can129.hsp.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground.wmv.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\vlm.html.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Management.Instrumentation.Resources.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\gu\LC_MESSAGES\vlc.mo.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaremr.dll.mui.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\THIRDPARTYLICENSEREADME.txt.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\JdbcOdbc.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\splashscreen.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\ended_review_or_form.gif.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\ink\dicjp.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Services.resources.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\weather.html.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_SelectionSubpicture.png.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\qipcap64.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\EQUATION\eqnedt32.exe.manifest.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\servertool.exe.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jfr\default.jfc.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jrunscript.exe.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-11.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.ServiceModel.Resources.dll.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\javaws.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.core_5.5.0.165303.jar.tmp	117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\117bd28085d2185f59371b20cc24add0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
45KB

MD5
b342a9cf5aa18fba5715d302c683f254

SHA1
fa725d6ef973113a6a9d1ee4d00e5a65292ee05f

SHA256
17b269bd81abf25543168d159e456a73dfcb889a350ef4af0a11d0234961045c

SHA512
a6df223eccae11137fc2fbe64474bf032f7fc0d9d9fa06d102c2c046a5fb9f6264b73bdfecb56f983b13b2e63b3793de47c1250b3cc5d3270ba005e694c56315

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
53KB

MD5
0445739d54731ae7b6b7141a06272420

SHA1
548c8466c9f461bdd6909c19091083a2899a1efd

SHA256
a6e4555f6fd499b9af0a4838dc0c87d7adbc5fb94ab8fa3789d6042116480ce3

SHA512
bb965bcf4796917d6c0b99a8fc003ee09dd316f974fb1fdb1a28cebb1031db9aea55c9e9137a481b5c0adfabb45ffed00bb6ab0c3a96b8d835c295d38527b902

Download Submit

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads