221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5

Analysis

max time kernel
150s
max time network
124s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
20/06/2024, 01:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
Size

57KB
MD5

3acbb54c33247f37a3643fd46c0f77b0
SHA1

32ea73887f97612b06bff64fc5cf3865ece8c24e
SHA256

221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5
SHA512

62d25b93505ff9ac3f97009dfc3dfbde2a9809ac62824c01d47f8ddbd747ae74c1f91287711dff909f253869536a7d37f0bf4be354e69c2f6cbe48ab802e8844
SSDEEP

768:W7BlpNLpARFbhblkYlkuvIYFR27K8WKnFIMK8WKnFIhEXBwzEXBwn:W7ZNLpApCZuvIY0KNKnF3KNKnF0

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (957) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passportcover.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansRegular.ttf.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\OrangeCircles.jpg.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msxactps.dll.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\amd64\jvm.cfg.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Nairobi.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\invalid32x32.gif.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ko.txt.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_videoinset.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\sqloledb.rll.mui.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kaliningrad.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipBand.dll.mui.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Bucharest.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.dll.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-background.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\az.txt.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\CET.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Blanc-Sablon.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DissolveAnother.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jarsigner.exe.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitemask1047.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Copenhagen.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Parity.fx.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\it-IT\wab32res.dll.mui.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\nn.txt.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwresslm.dat.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\unpack.dll.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TipBand.dll.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_videoinset.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Edmonton.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\wsimport.exe.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\default.jfc.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\policytool.exe.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground.wmv.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Thule.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Yellowknife.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Istanbul.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Juan.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ru.pak.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\cloud_Thumbnail.bmp.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_wer.dll.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\720x480icongraphic.png.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMainMask_PAL.wmv.tmp	221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\221379d93385bb16507a23ba419f6e18109d74414a149bb79aba9fee78fdc7c5_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-39690363-730359138-1046745555-1000\desktop.ini.tmp

Filesize
58KB

MD5
b137c65c2f8e13ba89897e2750c83c01

SHA1
79ce6314ca1a63cb60800a259ac6c60fe141e6d3

SHA256
53e4188279473a4b45d9795ba828ae91214e5d3b7b3f594a0b6949e6dc07f960

SHA512
50e0253deed03c6fe2979d66cf6a52547389bbb18b6befb410cb5bc6d4749b3b9fcdcd7c9d763ffadbdc07be9191bb9b6be2099efca002f06248fb4ad07d836f

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
66KB

MD5
408858a5fafdb3b7b069f9edff239ef1

SHA1
f992aaa9537c1f44c272ef2f6f6f647c0fa89a4d

SHA256
1340dcc19eb67eda41bb3de27d1f564d6726f81f3c588e45194c06882d7bac21

SHA512
558a1b7da3e57c9f25e64b76133a209bad3558f151a7aac952cb096cdcf21a59dc2103a09f52cdf1b2d1658f277a1c457fdaa7a58a5e750cfd494a253c63cb9a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads