Analysis
-
max time kernel
150s
-
max time network
122s
-
platform
windows7_x64
-
resource
win7-20240611-en
-
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
-
submitted
16-06-2024 05:09
Static task
static1
Behavioral task
behavioral1
Sample
d805fd94cf86a291f5911e126d5444c0_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
d805fd94cf86a291f5911e126d5444c0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
d805fd94cf86a291f5911e126d5444c0_NeikiAnalytics.exe
-
Size
73KB
-
MD5
d805fd94cf86a291f5911e126d5444c0
-
SHA1
f4e7cf02936036c708b7970a304b18e14834c14a
-
SHA256
5fba1c01371ea0f80c462e948aeaceb64e13c8c74f6cfc050ecea6117da65e9c
-
SHA512
cf08e9ca4a4804af8d498bf0b10305786e7fb357e56380b1e5ad2ed02f446e8497cc0405a75167cffc5c5ec031077438de4622b521db64e788ef5f1055abef26
-
SSDEEP
1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhs:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsd
Malware Config
Signatures
-
Renames multiple (3433) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs