Analysis
- max time kernel: 150s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20240611-en
- resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
- submitted: 12-06-2024 13:14
Static task: static1

Behavioral task: behavioral1
- Sample: 3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe
- Resource: win7-20240611-en

Behavioral task: behavioral2
- Sample: 3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe
- Resource: win10v2004-20240508-en
General
- Target: 3d53abd50b7f44f58cb1b40c619ca680_NeikiAnalytics.exe
- Size: 47KB
- MD5: 3d53abd50b7f44f58cb1b40c619ca680
- SHA1: bf84989c9ac5afd9e774af68576f17e72e03deaf
- SHA256: 9e2a86ecc9867ea28ba3021aa055daa56b93f1b82a3300bda03eb6e9b629623c
- SHA512: 416fa9b1a17537bc8ade152d3fc35f13a00c6dd9a854804b325c828874879f7c3da63330442165a6eec0686f0abc3ca7fb2948c8a7ab645e3c04f30cd96c8d76
- SSDEEP: 768:W7BlpppARFbhWJQiroRwOzQJfoRwOzQJl:W7ZppApHiu3K
Signatures
- Renames multiple (3758) files with added filename extension
  This suggests ransomware activity that encrypts all the files on the system.
- Drops file in Program Files directory (64 IoCs)
Downloads