Analysis
max time kernel: 149s
max time network: 121s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 12-06-2024 12:18
Static task: static1
Behavioral task: behavioral1
Sample: 39d60a42b89b07b7b240f8e1888da680_NeikiAnalytics.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 39d60a42b89b07b7b240f8e1888da680_NeikiAnalytics.exe
Resource: win10v2004-20240508-en
General
Target: 39d60a42b89b07b7b240f8e1888da680_NeikiAnalytics.exe
Size: 316KB
MD5: 39d60a42b89b07b7b240f8e1888da680
SHA1: a8c1858e89a40264f051458256fe12fb8f8cc827
SHA256: 9858b969a16faf308aea54fc411c52a9e4dfed285a3e6f9300cb23e7bd6fec19
SHA512: e9eab67608172d16acb02c8531d183e58eda661762cd717b8b676446a3f86109c757281ab7e977b6e777b301624850df084e51631fb3bbffb51adab044464d59
SSDEEP: 6144:tFPxPke+eIr9RUxfKIuqBcKxNWdp+bkrdHs1lpaSL4vt7:3PxPir9RyiIuGcKbpaSL4vt7
Malware Config
Signatures
Renames multiple (2811) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
Drops file in Program Files directory (64 IoCs)
Downloads