Analysis
-
max time kernel
150s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
12-06-2024 11:47
Static task
static1
Behavioral task
behavioral1
Sample
37d9fed2e1cca9ec35d35d8eeb26cc40_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
37d9fed2e1cca9ec35d35d8eeb26cc40_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
37d9fed2e1cca9ec35d35d8eeb26cc40_NeikiAnalytics.exe
-
Size
47KB
-
MD5
37d9fed2e1cca9ec35d35d8eeb26cc40
-
SHA1
551baa7e0c03264ae04ba0006fc11c361ec95319
-
SHA256
243d02490daa02f0746a2b6f2e0f4b95019b0a303ffa69a390644732524aab75
-
SHA512
fa919e83ddeaa4f416a2b53e7b0b48e893ed4aa6e0296be3998e034496e278a3732135f2a5257a7f7e34714429588b6aebfc3fb4832be2bb9ae9f2b7970302d5
-
SSDEEP
384:GBt7Br5xjL9AgA71FbhvuNBNmIAAM9mSIEvd5BvhzaM9mS97L7mak:W7BlpppARFbhAzEXBww7L7I
Malware Config
Signatures
-
Renames multiple (3752) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads