Analysis
-
max time kernel
150s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
17-06-2024 04:23
Static task
static1
Behavioral task
behavioral1
Sample
47fb26a32c9e504cc94d324cb728a3b0_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
47fb26a32c9e504cc94d324cb728a3b0_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
47fb26a32c9e504cc94d324cb728a3b0_NeikiAnalytics.exe
-
Size
79KB
-
MD5
47fb26a32c9e504cc94d324cb728a3b0
-
SHA1
1d2e46aea964d770b6e95de5efd6fc5e8281c00d
-
SHA256
a49cb34aa05023fcbb24c375e983652c3143c5a6f60763a84f05828f682a47f4
-
SHA512
20b7e750fffd8fa731b841a51c18daeef7d70050be78c0eca215215a25bcec8577205430be103ec8b54d6bde9bbd15439d21b5aa8cae6472c33f64481e8c3983
-
SSDEEP
1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhj:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsq
Malware Config
Signatures
-
Renames multiple (3450) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
80KB
MD5 e23d8891ca744851b20bab6229daaf76
SHA1 d3ab125165d6cc905a1c4eaf3a8709fc1a31453a
SHA256 4c6b33b8e67620ec36954e10803d35b27cdc3913709b984370ab8ac22a5d8445
SHA512 d804da59045a5c42cfa009b378fe78b9da405dac84e27450f450bfa99c08bc629654c120d63c47666e0f11ad875277b6bef41e9bfeccd5415c9033cbecd42a28
-
Filesize
89KB
MD5 3aeca3acf61cea3fd10fb496b6d908bc
SHA1 db1facd0e89a81c48d325eb4e2d5b5619c5d2ae1
SHA256 b41f85e0d0401d6cd89388f676956cc50b9278d3a4781e2580a7abcb4e08d115
SHA512 0b5c0f24d84914c65541b4805eb936f3733f83673b3d5589aa4694ffb937a7da85bd1e66f6281a2c111ea2dbb20a74a8d6bbe20acc7d946fedda2ac582b44b8b