Analysis
- max time kernel: 150s
- max time network: 124s
- platform: windows7_x64
- resource: win7-20240611-en
- resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
- submitted: 16-06-2024 05:01
Static task
static1
Behavioral task
behavioral1
Sample
d745d4ca37c754f744b8f82e659f5c40_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
d745d4ca37c754f744b8f82e659f5c40_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
d745d4ca37c754f744b8f82e659f5c40_NeikiAnalytics.exe
-
Size
80KB
-
MD5
d745d4ca37c754f744b8f82e659f5c40
-
SHA1
852e86f2beff2e59492b4a92bcbb5edb68ab2044
-
SHA256
13bd550da18e76ac30fe80d4127ef8ca2433a6a952acb3b74669f897125282e2
-
SHA512
4aa536c2e3ea56867eb86d5d2cea213a9df5aa88a1e4c2ffda394f17ed2f371dcfa2f6cc35d3b042ecbc8116424919b52a22da6c15193b3a116a3cb23affbe97
-
SSDEEP
1536:W7ZhA7pApvOsOKjC0YSilpFpfkJOM2kJOMIsKsc696xZW:6e7WpXYvndK
Malware Config
Signatures
-
Renames multiple (821) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs