0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b

Analysis

max time kernel
149s
max time network
118s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
19/06/2024, 20:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
Size

71KB
MD5

b68022e2cc124b62a9dc2f9af8cb8a10
SHA1

e86ef9bc0252066399922125a91f284a724742d9
SHA256

0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b
SHA512

9aaf1fbfe826d5d88b4fc5ba7c42468b26f49205a4aa9758be220967e56206da4a5078e1d343a709249a2c3181706f7eaec7f79e0872e642fda0b171fcb4bca6
SSDEEP

768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmh1444X:W7ZDpApYbWjIoPyPoLzV7c6Sh1XE

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3519) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Mozilla Firefox\plugin-container.exe.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\eclipse.inf.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_ja_4.4.0.v20140623020002.jar.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Baku.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Rarotonga.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-new.png.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.lucene.core_3.5.0.v20120725-1805.jar.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\MpClient.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_right_disabled.png.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Kiev.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\fr-FR\Hearts.exe.mui.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ms.txt.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\pt-PT.pak.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\indxicon.gif.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libnetsync_plugin.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\css\settings.css.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\es-ES\js\RSSFeeds.js.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\White_Chocolate.jpg.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\MANIFEST.MF.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\alert_obj.png.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\ImagingEngine.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcfr.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Management.Instrumentation.Resources.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\d3d9\libdirect3d9_filters_plugin.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\en-US\WinMail.exe.mui.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.png.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Scene_loop_PAL.wmv.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_ja.jar.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile_browse.html.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Vienna.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\js\calendar.js.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32Info.exe.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mng2.txt.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\css\weather.css.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libtransform_plugin.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_bottom.png.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\InkSeg.dll.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_kor.xml.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\content-foreground.png.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montreal.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_olv.css.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\INLAUNCH.DLL.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\es-ES\TableTextService.dll.mui.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\micaut.dll.mui.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\THANKS.txt.tmp	0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\0402f6277e343f8dacbc3cbbdd8a9ebc9e45c480c0f603bc0cf85d5d09e0bc5b_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
71KB

MD5
05e2d5f7b1f281f54c2175e52728d4a8

SHA1
9182a32684e3f2acc2e6a90f8da6caa68786575f

SHA256
0caf9364f821ebce36a2eeab02ef68e60ebc49d61e9eb70d230a1ff37397523c

SHA512
881bc6674517b7a7d96b11fdb6d3a667969fa87830febe44a5f231c8deda93002f87bebce538e5cb567bdbe55b7ec3d4129aa8e516f75e3a057a077d50fb2391

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
80KB

MD5
f86155b9cae0c3e43c9dd9b2d4d2c9f7

SHA1
4b0d20819d2de683e950c8cd5aa6b06cfdf9164e

SHA256
a90ef687f8bb56990c1aa0138b6f3f71cce3dfb795c540dbf60d26037bb03401

SHA512
b4f024f8218e4bdce2b284e686ce48ec75dbe3bf0c42a63d32192c842b8c852345b5cd78d6fafb79531cb0bfbcab2be072f2f753445d29448c723f187f30472e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads