b67bc8cd6093155c12a0925cf479d7e9be66aec3e55e8e347f1bd1b0fd28486a

Analysis

max time kernel
149s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
16/06/2024, 07:16

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
Size

88KB
MD5

dfe90576fb06b7c915c1b531ab388300
SHA1

7144c9a325c7203eba9bf855980c8d190e5a4bd7
SHA256

b67bc8cd6093155c12a0925cf479d7e9be66aec3e55e8e347f1bd1b0fd28486a
SHA512

585bd3d875b2bf5c733fb51ab3a52405fad062329abfb0a1c25ea7bdb89914d295e5e75b906ef5703c58edaaf9906bdad9a57f29f102053c67a8a957ded910c1
SSDEEP

1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76U:6e7WpP9oVLQthbYY9oVLQthbUvJ

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3430) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_basestyle.css.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core_visualvm.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Luis.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.ServiceModel.Resources.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\1047x576black.png.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\it-IT\shvlzm.exe.mui.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Boa_Vista.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Vienna.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport_mask_left.png.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javadoc.exe.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Budapest.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.zh_CN_5.5.0.165303.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-charts.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata_5.5.0.165303.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\deployJava1.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Marengo.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.Speech.resources.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-uisupport.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Easter.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-BR.pak.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.Speech.resources.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaprsr.dll.mui.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_SelectionSubpicture.png.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Yakutat.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libskiptags_plugin.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsprofilerui.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.ja_5.5.0.165303.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-util-enumerations.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\System.IdentityModel.Resources.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\eo.txt.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\libxml2.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Activities.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.Contract.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-file-l2-1-0.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\osclientcerts.dll.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\META-INF\MANIFEST.MF.tmp	dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\dfe90576fb06b7c915c1b531ab388300_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp

Filesize
89KB

MD5
2b5fe051b97e69842099cab6a88d185b

SHA1
48ea5b45138e424c91ca57420efccf8f563d45d5

SHA256
cc6add8214f4d22b525481caace24d9abdf03364662de27b3f12ff17979d17f8

SHA512
6c0f2b66acc858ec5eaa23deb15169e19c40f4064febd6073aa1cb7864d04f911edd6c60fc921e51a530bf1259d5ea3da3904de6210f11e8e5401f5f74e18498

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
98KB

MD5
8b4e467f8c6ce97ec416f71cdbb6faa5

SHA1
f86ca1a7901fa4044f1452ad84ae97aa87993aaf

SHA256
48b738b41c854f72277f313f0ac9828fa08afd350f5212ee613394608d2235fa

SHA512
a879a072d91c539b7f5d1c1f842f8afaf0be10301d5f1e5f5352e6fb682b23d5bd69c06d7e37de21fa3e39d111dcab5b68e559ed6d4bc213ee99a70909b0c1b2

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads