5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
20/06/2024, 11:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
Size

87KB
MD5

32410c9a95d41d48bd7bcaa0d9b1b210
SHA1

34d6a0ccd730ba12977dc671d60807663e572854
SHA256

5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9
SHA512

ccff8ad5a3ea1335e5120236847057da0fb406c4e45996130cbab65151e5e8721f6cf81873129463454725ec31b56a1d493a757208c9e46787bc8250d88568d3
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhi:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsn

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3451) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_ja.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\lt\LC_MESSAGES\vlc.mo.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libglwin32_plugin.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\clock.js.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\css\settings.css.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\wab.exe.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_blue_windy.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_btn-back-static.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\en-US\FreeCell.exe.mui.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\Microsoft.Build.Engine.resources.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.jdp_5.5.0.165303.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_ja.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\msvcr100.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\Accessories\ja-JP\wordpad.exe.mui.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-options-keymap.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\orbd.exe.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\25.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Shorthand.emf.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationUp_ButtonGraphic.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Curacao.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.resources.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw120.jpg.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_ja.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vevay.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Vincennes.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Azores.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoDev.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\com-sun-tools-visualvm-modules-startup.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_few-showers.png.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Havana.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-nodes.xml.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\MET.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libmjpeg_plugin.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\init.js.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Music.emf.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.rcp.feature_1.2.0.v20140523-0116\feature.properties.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\jnwdui.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\es-ES\css\settings.css.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\IA2Marshal.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\UIAutomationProvider.resources.dll.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\ja-JP\WMPMediaSharing.dll.mui.tmp	5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\5ab9d0c60f4a8981c602b4dbb199a8f68a743bbbde207afd18d4064262a32ab9_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2300

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1340930862-1405011213-2821322012-1000\desktop.ini.tmp

Filesize
87KB

MD5
fcda97a13bb55a5d26c953eda55a3542

SHA1
254df6d5426cfd115345c1578ae33c0c7fb3ccee

SHA256
df5077b57d87be77da5349839f8c82e540f248d075c4dd9f0daa91fd78b6064b

SHA512
5e78fff91345ada3a30d406a05133355f67170feab40893da3545acef2701c95ed24d8a280460cc1e75550a101f80e74cba095f5897ec1ca7eb0858949574a61

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
96KB

MD5
c964a9dc396b11d6fbee12c1dc2e80e5

SHA1
0e60e2380f3eed3ba44c3d0d5e25f425a7447ade

SHA256
01964f2b9bef0b75ed01d7e8776e9011bd7445a30169b8841e8334a096b74a2b

SHA512
ee90aac4fd5e8b9c1b6fc6ea2e78e04a06b03cd3590e8c5d08955d9433116e3f463a42abfd882ffc1489ef6ab8304cccb2c0a716008b50b46747cb3f21f0405b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads