Analysis
-
max time kernel
150s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system -
submitted
17-06-2024 08:24
Static task
static1
Behavioral task
behavioral1
Sample
69eca288dd055233d9d421416e3264d0_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
69eca288dd055233d9d421416e3264d0_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
69eca288dd055233d9d421416e3264d0_NeikiAnalytics.exe
-
Size
46KB
-
MD5
69eca288dd055233d9d421416e3264d0
-
SHA1
386e7180aea80972fcf91d8f68399cfd874ffdb7
-
SHA256
9a5e287d6479da9336969bc8119f5c1c46cc6e379034c305ce734ec002a9e803
-
SHA512
bbde4762f6f31db4609deca9f31e7f0c09fa1394fd41cc91df1cd88fe9ea61c66b4fec938e6749c5103afd5116d4e4be2134fa99395249de8a3c8dfc16a3a34a
-
SSDEEP
768:W7BlpNLpARFbhblkYlkuvIYFdrtf8WUtf8WL:W7ZNLpApCZuvIYXOWjWL
Malware Config
Signatures
-
Renames multiple (3532) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Drops file in Program Files directory 64 IoCs
Processes
Network
MITRE ATT&CK Matrix
Downloads