d319534f97396915e13c9944e71dd422265c4f2c7c53277e3a73640d96e789e0

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
16/06/2024, 02:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
Size

80KB
MD5

cd41996d8fc4763384c08ea5acf3e260
SHA1

03e70d72bb8a9f2523c1a8976c33e03500d84c1f
SHA256

d319534f97396915e13c9944e71dd422265c4f2c7c53277e3a73640d96e789e0
SHA512

90d1876788260dfb8561ccd4b05d789385497f26dcd34839728a31493737430e1c61478497b67f0679c9df38fcc9f82a552418ce3c8ac8c1b399ef7e05232d08
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/HfFpsJOfFpsJ8:6e7WpMaxeb0CYJ97lEYNR73e+eKZHfFl

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3451) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\he.pak.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IO.Log.Resources.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Helsinki.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\SIGNUP\install.ins.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmid.exe.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-execution.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro_3.4.200.v20130326-1254.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\de-DE\bckgRes.dll.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\WMPDMCCore.dll.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Luxembourg.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_display_plugin.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\d3dcompiler_47.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledbvbs.inc.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\ConfirmUnlock.cr2.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.ecore.change_2.10.0.v20140901-1043.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckgzm.exe.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Miquelon.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zurich.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\pingsender.exe.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ckb\LC_MESSAGES\vlc.mo.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-output2.xml.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\defaults\pref\channel-prefs.js.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain_PAL.wmv.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\TipBand.dll.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\ShapeCollector.exe.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+4.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_ja_4.4.0.v20140623020002.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.sig.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrus.xml.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.console_1.0.300.v20131113-1212.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\cmm\LINEAR_RGB.pf.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\WMPSideShowGadget.exe.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsnor.xml.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\jawt.lib.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\gtkTSFrame.png.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Dublin.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\de-DE\MpAsDesc.dll.mui.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar.tmp	cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\cd41996d8fc4763384c08ea5acf3e260_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
81KB

MD5
bc72c84f0cc06af9f23c601b55451463

SHA1
9129e5c11a7583766a11625d2b13087176e3d4d2

SHA256
f347414eb6a0862e5ad55183977aed59fd6e1fdd2293ea71e00757ef58451f67

SHA512
e3361173fd0ee9b6d2c5b24a34c94c31a6342108aa1602a311dc366432e952e5fa7f5b06cdd07c7636082bdc3dd44b59e3743fb9fc743c589318869ac3f31471

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
90KB

MD5
b679960f31f10d3b69e7a5369b1c7640

SHA1
4f8ebc9faf78b1884966a145154650f0aec4c687

SHA256
0914adf955742cdf7d3a82c0f2000d0d1d9d8de00d916e854be7c99911da2556

SHA512
124a520c1047255747ea15fa1a7ecd357a02b0591225df71075562c3a6db788fd14fd03670b290415cd634c968dc7f5ab02cdb080e9ee39010e5740107423976

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads