da9a50cc57e3038dcb1c3dbc7af301ce8aabbd5552e35ab0da749b79a782ad9a

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
14/06/2024, 02:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
Size

77KB
MD5

99fa8022abb0ac366fdcd1dc7c2bf890
SHA1

4788d3c662628a8f57b8fd76bc592a9d0e32e2d3
SHA256

da9a50cc57e3038dcb1c3dbc7af301ce8aabbd5552e35ab0da749b79a782ad9a
SHA512

bacda2fd9ad620635eeeeffd59d575fe4e64032bcba7e8fea01751757cccece51edab4e617f8de981afaafc99293c895dc1602c725e24f4aece4f065e761bdc2
SSDEEP

1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76uS3:6e7WpP9oVLQthbYY9oVLQthbUvM

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3510) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-application.xml.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\js\timeZones.js.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\js\currency.js.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\locale.ini.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Barbados.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\Other-48.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\New_Skins.url.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libripple_plugin.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\rtscom.dll.mui.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-compat_ja.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\jnwppr.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\Microsoft.Build.Utilities.v3.5.resources.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-image-mask.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_selectionsubpicture.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.shell_0.10.0.v201212101605.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\css\currency.css.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Lima.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_zh_4.4.0.v20140623020002.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-uihandler.xml_hidden.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\liberase_plugin.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnssui.dll.mui.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Palmer.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.syntheticnotification.exsd.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_zh_4.4.0.v20140623020002.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_nv12_plugin.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblendbench_plugin.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseover.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sa.txt.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\kn.pak.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\license.html.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-api-progress.xml.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-core_zh_CN.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Resolute.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ky\LC_MESSAGES\vlc.mo.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libadpcm_plugin.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\scrapbook.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720x480icongraphic.png.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Extensions\external_extensions.json.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jawt.dll.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Perth.tmp	99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\99fa8022abb0ac366fdcd1dc7c2bf890_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:3040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2812790648-3157963462-487717889-1000\desktop.ini.tmp

Filesize
77KB

MD5
daeacfe7fdc3201b9251a77f8a42bdc1

SHA1
0a3722a95464a2e8ddfc48a10e382d0b7d70cec3

SHA256
669218fe03742f82e69f66458a3c26bfde9135482c98962a40f50811abbb1e4e

SHA512
578a77afcea8fbdbf4fd8561199b9609bc25746170b863c943ced59428876f3f11ffc189cabc6a80a0484f9643ddf98d4d728e6bc94803c52835a588b71253fe

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
86KB

MD5
b079304ec9ddc8f460cb62c80b631656

SHA1
9a9766735feac5679e05fcf0fc7e86b837c26ed5

SHA256
c7ae55af2e0b9f413b6969a5b7e769c400f0604d2f752e0c9046b8dafb9bff55

SHA512
ea0b7d7b2739edcc0917a13d54e83fcd464e5fb2be7ad110bf62424ed712fb30e6de2c5eebd5881ee5f6e7fb304a9eea35f0d459295ab7215ece4e32ce4d07eb

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads