18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
19/06/2024, 23:41

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
Size

92KB
MD5

3f6841f119b5fbd84264521c293115d0
SHA1

8a2d65de2205355cbdf6e2ae158bf76dec89f1f2
SHA256

18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d
SHA512

00dfc7f00ff0020977c21e9ac2b56f6bdf688e4ec4a5104e7ac327209f2a0b8d29b9658a8c516c0f7757ae681f8c7ebc97a72ebbb585289fa3143386354c70f6
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/0VXaqv3+uM:6e7WpMaxeb0CYJ97lEYNR73e+eKZ0VXS

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3470) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_corner_top_right.png.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\sidebar.exe.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\symbols\symbase.xml.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\META-INF\ECLIPSE_.SF.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.pb_2.3.5.v201404071733.jar.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-process-l1-1-0.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_right_mouseout.png.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\modules\sandbox.luac.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\divider-horizontal.png.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\TipTsf.dll.mui.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\directshowtap.ax.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.resources_3.9.1.v20140825-1431.jar.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util-lookup.xml.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\css\picturePuzzle.css.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ahclient.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssve.xml.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Chihuahua.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdcp_plugin.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\tabskb.dll.mui.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\orb.idl.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ulaanbaatar.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\gadget.xml.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\alt-rt.jar.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\calendar.html.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Warsaw.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\ja-JP\Minesweeper.exe.mui.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.ServiceModel.Web.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square.png.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmic.exe.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.common_3.6.200.v20130402-1505.jar.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\ja-JP\WMPDMCCore.dll.mui.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.png.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\ja-JP\css\calendar.css.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_sun.png.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\dt_socket.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\it-IT\settings.html.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mshwLatin.dll.mui.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cambridge_Bay.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Vancouver.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\uk.pak.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll.tmp	18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\18e65f33c6786230ddb46986fb0302d59a58dbf054374bc14c9daae20e87620d_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:3068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
93KB

MD5
b6162836d2c1d750de44225a52f2a5fb

SHA1
96d3c4d74d56c7a3f27508a2153915fed61bcdd7

SHA256
a42c36aae55e7a1361a637e5305770a0884118ec7bb5c9354f2fb6afc4717e01

SHA512
77afd36ab6f5d221caec84935c68263adb5a8d374c643240cbd465b0013a471b8e090ec19fb982095ab348a5754878ff22dba620a435489caeb3cdfa2e6e553e

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
102KB

MD5
f71b58cf6200f517cd05d5cb09d5c38a

SHA1
7d1901775b9f9fa1efbf522ce6f519c20aba7112

SHA256
7d766c850dcafc42d6d691a35f1f266b2e70fba29cc0328a46d3faf81136c0df

SHA512
99fdd06369c3479709637fb918aca46e5a0e28b271067158054f85a9f7e231540c8d23e62c1ad2dc9dcaa6407761f0361e84f100464d42c778d5696f7e16a05f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads