Analysis
max time kernel: 150s
max time network: 120s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted
11-06-2024 00:05
Static task
static1
Behavioral task
behavioral1
Sample
2021d29e64c53d9daca87df8ce71d9e0_NeikiAnalytics.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2021d29e64c53d9daca87df8ce71d9e0_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
2021d29e64c53d9daca87df8ce71d9e0_NeikiAnalytics.exe
-
Size
74KB
-
MD5
2021d29e64c53d9daca87df8ce71d9e0
-
SHA1
80dcef20b1a8d39647a4ddf96cde7d040cc7b876
-
SHA256
d3bab3c59656f139de8430700d29bc64b1cd2ffd3addd7fa76d3a84743eb1835
-
SHA512
e573b184bb93a59a60ed7da20dadbbf66b23684400be028569c9d7d8b2ece233dbbf7062d613bc8ed89aa017a28abf57e0cf88d573d004c6f859a6a78c68984f
-
SSDEEP
1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6wt7t5m0m69M:6e7WpP9oVLQthbYY9oVLQthbUrt7t5mh
Malware Config
Signatures
-
Renames multiple (3611) files with added filename extension
This suggests ransomware activity that encrypts all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
75KB
MD5 3c24a0c06c1d96d8955ca3ff3fc9bc24
SHA1 2eca06eb25bd7549c06dd0c32725311f22ff70ae
SHA256 58d3c5caeb59845223b6b0a2e0d094f002c3c2b1b5d9148eca02a33d4fdb9207
SHA512 5e34e567cc9108b8034af94fc58d114ae5c032af443ecc2c5eb1881941a5f980302d8bed526237c0b780bf5d7f477da26e2a3548b87232e0c09c7a4b678800ee
-
Filesize
84KB
MD5 88467720472be8c5016d3f08a857a2dc
SHA1 201231dade282a4ff5d767ffe1631baf259eb62b
SHA256 4d38df6912e7a2dcdaeb63972aa820e026cf3ccdb9c68ea7ac11ce05e48eac82
SHA512 ae328003f0951cd43e056bdcf3571937afb34801086c62b313d8a9d24eb2e9c1751dabaab1b8feb1c61b8ca43b06073b7811e89d16890e1ed92899e0a309c5fc