dea31ab2ce65541dc41dfdfa0db23bd3ae70c02174732c98c66331e6532d10f9

Analysis

max time kernel
149s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
13/06/2024, 13:34

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
Size

47KB
MD5

8096d6e70888342fd3bb19cbc7592510
SHA1

f39e77727413f002b6e6d4362647b338459c8e96
SHA256

dea31ab2ce65541dc41dfdfa0db23bd3ae70c02174732c98c66331e6532d10f9
SHA512

371c0e1532ef02a75ff02be85388c6d983c461a54d720fea222e234385be55451e55d2f1b56a6cf5a378ad1d3e1068bf4db0e78556164501be8afce18e31be26
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKrxxbNgbNP:W7BlpppARFbhWJQix

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3683) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_zh_CN.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-charts_ja.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\PresentationCore.resources.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\wmpnssui.dll.mui.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\manifest.json.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightRegular.ttf.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Acrofx32.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.properties.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.property_1.4.200.v20140214-0004.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.RunTime.Serialization.Resources.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Malta.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\en-US\msoeres.dll.mui.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\css\settings.css.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\wab32res.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Guatemala.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\fr-FR\PhotoAcq.dll.mui.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\RSSFeeds.html.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsHub.DataWarehouse.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ashgabat.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\desktop.ini.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IdentityModel.Selectors.Resources.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Xml.Linq.Resources.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\GroupUnregister.vdx.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\dsn.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Santa_Isabel.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\usa.fca.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hy.txt.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ja.txt.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_snow.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\ir.idl.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_rainy.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins3d\drvDX9.x3d.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\oledb32r.dll.mui.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Sofia.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrespsh.dat.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_top.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\3.png.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\zip.dll.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\sqloledb.rll.mui.tmp	8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\8096d6e70888342fd3bb19cbc7592510_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp

Filesize
47KB

MD5
acb33932f1d1a981d2e4a247b0539341

SHA1
0117db2d47703f54318d684b8aed28989b955681

SHA256
126ea8617d74204aee43e87024dbe3ba6d9c4ff2f97a88ae3a42eef4cfdffb34

SHA512
e25cf61f3e5b09fcdf0fffbe472a742e8e9252c310359a81fdefc21bbaa5a31cd10c5a437c601793189a758d3ad92746c78ecab87ceb106aec0fea7e68160933

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
56KB

MD5
1fe3fa2b4be63ce652e2d405203a50d4

SHA1
6093b6c47c18245bd0ef1ed489ed4563cad50524

SHA256
63c3a6bcb9ef72d04088da2effc648df92aa56adb062323f443fd6c97dd6ae13

SHA512
6f2ee5d7bd8340590b0e28bc99923666a258863c222bf67e789fff4322e37b34559e90b119c908c9ccd6921733f6b838e958e5646b03ccc541ca3d163f265af3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads