Analysis
- max time kernel: 150s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20231129-en
- resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
- submitted: 17-06-2024 07:26
Static task: static1
Behavioral task: behavioral1
- Sample: 61956c16e785785755f7c1be4e8f2d00_NeikiAnalytics.exe
- Resource: win7-20231129-en
Behavioral task: behavioral2
- Sample: 61956c16e785785755f7c1be4e8f2d00_NeikiAnalytics.exe
- Resource: win10v2004-20240611-en
General
- Target: 61956c16e785785755f7c1be4e8f2d00_NeikiAnalytics.exe
- Size: 44KB
- MD5: 61956c16e785785755f7c1be4e8f2d00
- SHA1: 0f72cb97e76e50d20d31ad87a3e30e88d8faa03c
- SHA256: 208e066613ed185bba09ac4859d0c07bd3c27c647f882e18d20abb6ebce0d64c
- SHA512: 0ca974ec0f5b93b592868bbf89989316fd64fded99632f638283e5dca0ea44af76cae1b94377bfb611007f4a4a4ca2ae6b6fbc182095febc73429d1da5c90dbb
- SSDEEP: 384:GBt7Br5xjLMuLAgA71FbhvDl3DG71ul3DG71XUmUIYFAHsnAKAC:W7BlpNLpARFbhblkYlkuvIYFdnp3
Malware Config
Signatures
- Renames multiple (3763) files with added filename extension
  This suggests ransomware activity of encrypting all the files on the system.
- Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads