07f2ff5de3dfa809a0c19dc61ecc221a07ed4ad89a1d58fa9e62273f7ce5fc4e

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
11-06-2024 02:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
Size

97KB
MD5

2377d5e477a51482944d5d3f7ef03950
SHA1

aa4772e5a7f7953632c8d4bfdb924ea0e7269033
SHA256

07f2ff5de3dfa809a0c19dc61ecc221a07ed4ad89a1d58fa9e62273f7ce5fc4e
SHA512

47258d7414616d023a597a070a74b17a93e10ed9016683eadee7ce64ee4e8b169e959e84f1b21b17cbaeb2f0a7b301fa6e95e4a1590ef09574772bdf4b9610ac
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKPSM:6rWpcOPxPke+e3fFpsJOfFpsJbgESM

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3463) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mousedown.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\it-IT\gadget.xml.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\css\picturePuzzle.css.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-first-quarter_partly-cloudy.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\Seyes.jtp.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_over.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-text.xml.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipRes.dll.mui.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CST6CDT.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Half.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\css\settings.css.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Oslo.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_zh_CN.jar.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Guadalcanal.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\de-DE\PDIALOG.exe.mui.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\uninstall.log.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ms.txt.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\AST4.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Omsk.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Entity.Resources.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\fr\LC_MESSAGES\vlc.mo.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Skins\Revert.wmz.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\cy\LC_MESSAGES\vlc.mo.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\ja-JP\TableTextService.dll.mui.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\en-US\gadget.xml.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\perf_nt.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\js\currency.js.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_ButtonGraphic.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\currency.html.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\js\picturePuzzle.js.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Warsaw.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-settings.xml.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\java_crw_demo.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\nbexec64.exe.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\firefox.exe.sig.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tk.txt.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask.wmv.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jsdt.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Mahjong\en-US\Mahjong.exe.mui.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mshwLatin.dll.mui.tmp	2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2377d5e477a51482944d5d3f7ef03950_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
97KB

MD5
b3d15ba0724260f47e9b9fe0461b9908

SHA1
314f5baee711a4554866daa725d8a7e26579e8ba

SHA256
7459a817a53a5d3ffac73a01c3af0302226c42beb174691397b158dd714c6084

SHA512
e8c0f6e8edfedf0fc8b717e87997f2a148ddccda74508b3b266452455902c108bb4427581f14bfbc9f1e39c8a4ea8dee98d1b2084b1e49d8baf137b1fcd6dc6e

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
106KB

MD5
4b44f9a532e191f6af43074c8a51faf2

SHA1
42b512fb4c7fddc6a0aefe655fe8360bb3c9fba9

SHA256
31a11f975828e38ee0458e7fb3922f83e614ee5326ad78db4251f5bbf21cd1e2

SHA512
639a35d44e34067fc4037d17851a280e70d480ce66cdfc6afd6ecf4aa1628c4ac520915d64beeabae0dd637e156b11933384d15ab804c4c136fe207f940b2f47

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads