07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
19/06/2024, 20:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
Size

82KB
MD5

d33adae4e3a840139c09c8839ab09430
SHA1

cbb63fb5bcfb7382cf8c4eae6756d3b8ccb0698e
SHA256

07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2
SHA512

60aba1e0d07f275accf762063fb9b9c1def613dca3bc66d90f169e04e579231ba93cc56f2456ec2c5540af7a57d055ccf4094be5ee66e3b87aebe1df20a6f37a
SSDEEP

1536:/7ZQpApze+eO888888888888888888888888888888888888888888888888888r:9QWpze+eO8888888888888888888888U

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3739) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.bat.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.transport.ecf.nl_zh_4.4.0.v20140623020002.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_pitch_plugin.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\it-IT\Journal.exe.mui.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\library.js.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_av1_plugin.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\wmpnetwk.exe.mui.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\soniccolorconverter.ax.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jli.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Kathmandu.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\en-US\ChkrRes.dll.mui.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libattachment_plugin.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\wmprph.exe.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_description_plugin.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\blank.jtp.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-explorer.xml.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\novelty_dot.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_windy.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color32.bmp.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Menominee.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yekaterinburg.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)notConnectedStateIcon.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_few-showers.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher_1.3.0.v20140911-0143.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-awt.xml.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\fr-FR\PhotoViewer.dll.mui.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\css\settings.css.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\ij.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs.xml.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\bckgzm.exe.mui.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\Tulip.jpg.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIcon.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\1047x576_91n92.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\NEWS.txt.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh87.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Godthab.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Xml.Linq.Resources.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-fallback.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back.png.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ga.txt.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdasql.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base.nl_ja_4.4.0.v20140623020002.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-windows.xml.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar.tmp	07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\07ceb7a0ed338dd4803e362ef73b740552c69c0f6390b93062f39169d11acea2_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2044

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
82KB

MD5
b15f914b7670134faff2850227fba6e2

SHA1
f73b2f1ea90319d55641d6b4e24abcb13662df42

SHA256
2dca03c5049aa5d3be389134ee2aed486745151195b88924c90bcd16340ef621

SHA512
cd8527c2ffc994f475f8b383112cc1b4ecf7787720f9e0949f4c68c1bfc845e97f7dfddfe764ea6175afe494fbcb2fcb8a0f58a34b973424bef820356cff884b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
91KB

MD5
4f4b4a74bf3d22bedc2b49a4bd1b5b6a

SHA1
97d70e2c2b9619f63a679cb3a940400c8bcade8c

SHA256
f55f4fb49979328004efd1bea5b02ed94dd907d82092660bd6bdb911a1195559

SHA512
d8765ccca199f7fe7c13db37dacd01f929b8ee33c2a02015682a4de16216c5df0d0074fb9e434004d16c699d591a0b17edf04b6a21d783f0b7b99e3aec5b78ad

Download Submit
memory/2044-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2044-658-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads