Analysis
-
max time kernel
150s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system -
submitted
17-06-2024 07:15
Static task
static1
Behavioral task
behavioral1
Sample
60700f04f818f58768ec1ae6075e41f0_NeikiAnalytics.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
60700f04f818f58768ec1ae6075e41f0_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
60700f04f818f58768ec1ae6075e41f0_NeikiAnalytics.exe
-
Size
78KB
-
MD5
60700f04f818f58768ec1ae6075e41f0
-
SHA1
32c5e6c3b45027f32658113adbcb28a17c25af10
-
SHA256
8f07209f44388b442dd67557bd8fa6b1284985cd11419f3ab94b7602f50bebfb
-
SHA512
168d92dc90b4a6705043167f504705b3488a8d1ec9cad066ea0a76ada027ab802a099f8db47a7745134042e24b4ec501cdfc53e9e58350cdeb049d1f3420b156
-
SSDEEP
1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhD:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsW
Malware Config
Signatures
-
Renames multiple (3434) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads