2863f8ede8fd8d21515cc2adb0209a5fee7620c5c62713617bae2764937aa4cb

Analysis

max time kernel
150s
max time network
124s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
13/06/2024, 06:52

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
Size

99KB
MD5

6720a04c13b893470d0fe5472b94a490
SHA1

730f6d04f33b0fab9becdc76e2ba2695f6474462
SHA256

2863f8ede8fd8d21515cc2adb0209a5fee7620c5c62713617bae2764937aa4cb
SHA512

a0e79a6e54f027869a2134aac832c1119789b0b4599af030b01657e9a713dcd861c911f12e7dede262d0c0255f1cb171bbdd4dfdb170d804060ce85af230de9d
SSDEEP

1536:W7ZrpApojOPG0PGQJwFJwkpe+eTDPfFpsJOfFpsJCAdCjHKP8:6rWpcOPxPke+e3fFpsJOfFpsJbgE8

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (932) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\mshwLatin.dll.mui.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\net.dll.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\et.pak.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ko.pak.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sr.pak.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\Timeline.dll.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\NOTICE.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterBold.ttf.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Dhaka.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationRight_SelectionSubpicture.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Fortaleza.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\ja-JP\OmdProject.dll.mui.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-over-DOT.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh89.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\fur.txt.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InkWatson.exe.mui.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Porto_Velho.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipRes.dll.mui.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\ja-JP\WMM2CLIP.dll.mui.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_VideoInset.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_INTRO_BG_PAL.wmv.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_zh_CN.jar.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado25.tlb.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_ButtonGraphic.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Pangnirtung.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\fr-FR\wab32res.dll.mui.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground_PAL.wmv.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\ie9props.propdesc.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\localedata.jar.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IPSEventLogMsg.dll.mui.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\zh-TW.pak.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tokyo.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\th.txt.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_zh_CN.properties.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\klist.exe.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\msdbg2.dll.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\classfile_constants.h.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\6720a04c13b893470d0fe5472b94a490_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-39690363-730359138-1046745555-1000\desktop.ini.tmp

Filesize
99KB

MD5
8aa8f1a8f7ed67197eb8fc352570db2a

SHA1
6c3f2c8a6f94c18464e10a16b4b45706136a3c6b

SHA256
4ce78a1a64d8ad50ce86b53f51315e77c51889db7c89db71f0740141ee03d925

SHA512
ddaec513101780ee623beb3a82654c5326a8bd6e97895e01bc293b25d01176b613d2dd7a0f4535ca348c878368ed3ba0b01d9b3fea87b27119a689f2229af1eb

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
108KB

MD5
a24e3ea09369bff31a7ed7c062dfad69

SHA1
2da8557e61fc18af0687e70c0d64e238db078131

SHA256
c44d932b99c474cc7909aa8bec370a30bbb4acc1b1219fd82f7acfd83f01ae27

SHA512
7cf17923c3fc34b03e7670703330a7a505b644e76fec801d93484bb5b258b085db083e3adf24120180cc1d89544deda0a6424dfad2216eda8fb6d899c77586ab

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads