Analysis
-
max time kernel
150s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
17-06-2024 05:07
Static task
static1
Behavioral task
behavioral1
Sample
4e8a54524341e8ccac37bde9127e16e0_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
4e8a54524341e8ccac37bde9127e16e0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
4e8a54524341e8ccac37bde9127e16e0_NeikiAnalytics.exe
-
Size
80KB
-
MD5
4e8a54524341e8ccac37bde9127e16e0
-
SHA1
316db8ed8304d267d489e13f667fead89305e356
-
SHA256
a5ebb6f336b6495c0674ccf8b9a925b869e7640cb2c7409db1d5ebdc8f94e4c4
-
SHA512
06d1bf3b279892c291af402c732d5a853f37afa0e43cb7f59e80902e6dc431e121e0e1f0f85f690c9b3d622748c11fe65a33f21fe245610375669221a93cd7f0
-
SSDEEP
1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6b+W+V76uSj:6e7WpP9oVLQthbYY9oVLQthbUvQ
Malware Config
Signatures
-
Renames multiple (3541) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Downloads
-
Filesize
80KB
MD5
ed9fd8196f2fd3acf058f1e0e4c70b4e
SHA1
3a5be5528da0c88b80dbe82aa4271131207da75a
SHA256
0cacd35dc194d2d5c2ad2d163c075178a4196b3abb8080c0ef270a0cf2ef3d5e
SHA512
20f1a8d9ce998a9b4e2c1bbb25e279810a6b58bb11f1edec4ac4733850ed2779dae15954d1ec8e80fc1255608a5d3013c7674fd3317d89f8dd376533267481ce
-
Filesize
89KB
MD5
6fd46629d6c624ba01f007dabfd1c6cd
SHA1
19b7e2343147123c0fff7b2e5f15dc53e5431ec6
SHA256
1144cc4e5c246b744789192d116889073191fb0f0758ff42bd18b695f0e185ef
SHA512
e096717f7b87d37f708ca6c055d17a02cd45bbadf7accd71f7b77107297e97c30bd8736178f98eed0cc77fa74b7d48c39e00216c7d9fee473c8e1ab8ca8d024f