ff9ab5d76fa896063ee3235aad6c35bd930ddfbb7e1d19ec79958565c71962ca

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
14/06/2024, 11:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
Size

78KB
MD5

bca025d3777d528f39c6b8f8999f3da0
SHA1

d0da64ce30f5f917c36dfa570e7b4c1ec711b001
SHA256

ff9ab5d76fa896063ee3235aad6c35bd930ddfbb7e1d19ec79958565c71962ca
SHA512

face2b009b0e7a2a4a0ae18c0c5a9dd3bb7ffcdfbad3703da9e83f7994d32d8896cae24218e8513a3632535d7a9cbd80315fca5200f83635396d7aa144213532
SSDEEP

1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76uSv0hcM0hc1:6e7WpP9oVLQthbYY9oVLQthbUvX

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3445) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-windows.xml.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\es-ES\chkrzm.exe.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\te\LC_MESSAGES\vlc.mo.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\es-ES\JNTFiltr.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\icon.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\msdasqlr.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Merida.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fontconfig.properties.src.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_docked.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AdobeLinguistic.dll.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationLeft_ButtonGraphic.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\charsets.jar.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\DMR_48.jpg.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\el-GR\tipresx.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\de-DE\msader15.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-spi-quicksearch.xml.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\tl\LC_MESSAGES\vlc.mo.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\es-ES\msoeres.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia90.dll.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcor.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\javaw.exe.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Stockholm.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\Microsoft.Build.Utilities.v3.5.resources.dll.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DissolveNoise.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\WMPMediaSharing.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\ja-JP\msoeres.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\wmplayer.exe.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\gadget.xml.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\networkinspection.dll.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckg.dll.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\es-ES\ImagingDevices.exe.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\6.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\203x8subpicture.png.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Brunei.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Matamoros.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kabul.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Net.Resources.dll.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\ja-JP\chkrzm.exe.mui.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rio_Branco.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.properties.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\META-INF\ECLIPSE_.RSA.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler_zh_CN.jar.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Los_Angeles.tmp	bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\bca025d3777d528f39c6b8f8999f3da0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp

Filesize
78KB

MD5
9dec6648ad910c11d5dfb0e988b242b2

SHA1
392b17e742cd9969def52ad46ca890a06800b0f7

SHA256
2c35aa9d3048283ca11c998bf888187114d0efba81c58a2e2b24d1c223fd11a2

SHA512
cb42804fd069bf2726fc918d6bb8a69bf378241cadd7f17c542b08d0281131a890d79e7e6c2bb567473232c3c22dc9a9fbd733e681de88be03cdf1de7f5c9686

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
87KB

MD5
e148b5fc8fe27fb2e813d6f5db5b6433

SHA1
deb10e92f7d5305a69ff7e90cbb4439bdfe9e36a

SHA256
8736d79d9f3ca073fce6c03055489005124508e5cb7a11657e98aa5cb092cacb

SHA512
460bf73420191d46bedf69d82f7aa205df0498a0594062a6898b33e2ea8687d6aa4046d3a1d4789a9957a41b172a6496cce7e4110615deb0831a7cd3f3d54661

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads