Analysis
-
max time kernel
150s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
12-06-2024 13:34
Static task
static1
Behavioral task
behavioral1
Sample
3e8ca8ba0b9512e5dc4cb0799d8ba340_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
3e8ca8ba0b9512e5dc4cb0799d8ba340_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
3e8ca8ba0b9512e5dc4cb0799d8ba340_NeikiAnalytics.exe
-
Size
48KB
-
MD5
3e8ca8ba0b9512e5dc4cb0799d8ba340
-
SHA1
8af6930a00c902a4fb2cf11dc19ebb9d1a93c1a8
-
SHA256
2e947653ef749a01acb27330094478c2e928ef39c86ad79a556da629bc1cbad9
-
SHA512
31482ae7c2b780c9f1dec6d7fbe4ae13eceb612927de110d775d801bb3d969c393fca34e563dc0b73fb03ef1e34a47b81832b1f78ccb69a53652c64732e50067
-
SSDEEP
768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcj:/7ZQpApze+eJfFpsJOfFpsJu
Malware Config
Signatures
-
Renames multiple (3755) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads