1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7

Analysis

max time kernel
29s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
23/06/2024, 23:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
Size

1.9MB
MD5

fe11deafb2c8db5f95a8b8884e99ced0
SHA1

8438f5bbdee6b11babf6e5fd6c70da1fc5579c89
SHA256

1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7
SHA512

57d2b7b848961534eb73588181180ba4a24b57c5376884614aa6c50cdf546fe426f4fb37cb7b7a1ab912d57e8d241e4c38435416eb802b4bf5f805612758ca9a
SSDEEP

49152:VJKei5VLRfigeljc63pdajiUYkKLby+Nklt0P+l:aeiRfiFS6Zwj34bTkz7l

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\S:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\X:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\E:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\O:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\P:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\T:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\U:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\J:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\M:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\I:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\N:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\V:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\W:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\G:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\H:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\K:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\L:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\R:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\A:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File opened (read-only)	\??\B:	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\FxsTmp\gay sleeping glans mature .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\american nude hardcore sleeping feet Ôë .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\malaysia gay girls traffic .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\swedish handjob bukkake voyeur bedroom .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\japanese animal bukkake public gorgeoushorny .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\swedish animal horse several models pregnant .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\gay girls .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\gay [free] .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\russian gang bang fucking [milf] .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\indian handjob hardcore sleeping swallow (Jenna,Curtney).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\danish cumshot xxx girls titts upskirt .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\indian cum sperm voyeur .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\lingerie voyeur feet .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\russian fetish horse [milf] cock wifey (Liz).mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\danish cumshot hardcore uncut shoes .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\brasilian kicking trambling masturbation hole hairy (Melissa).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\swedish porn xxx [bangbus] titts beautyfull (Jade).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\brasilian beastiality lesbian [bangbus] .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\horse full movie titts latex .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\italian horse blowjob public .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\black action hardcore lesbian cock (Kathrin,Sarah).mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\tyrkish action sperm big leather .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\danish animal sperm [milf] cock .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\american cum sperm voyeur glans (Sandy,Jade).mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\russian horse fucking full movie feet boots .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_bacc7ceffc55dca2\blowjob several models femdom .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfolders-adm_31bf3856ad364e35_6.1.7600.16385_none_af6f98ff87b0e3cc\african sperm [milf] hole redhair (Curtney).zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\sperm catfight .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\russian gang bang gay hidden .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_3863e9ef3f804dd9\fetish xxx [bangbus] hole .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_en-us_8bfc34b93f0fdd42\trambling public shower .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0af98f1835676d1b\beastiality lingerie lesbian latex .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\american nude blowjob several models hole .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\action hardcore uncut balls (Christine,Samantha).mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\russian beastiality bukkake licking pregnant .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_en-us_00f45b041e1e8fd3\spanish fucking voyeur feet balls .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e30b5ec05031d17d\malaysia horse big 40+ .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0993a1b8823a4e79\malaysia hardcore hidden high heels .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\japanese fetish gay catfight (Tatjana).mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\swedish gang bang gay hidden upskirt .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_dd18b2a07d49aa11\action lesbian licking titts bondage .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_664dbffec8693dfe\porn bukkake hidden hotel .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_8c6fc5a7aa8c435d\porn sperm catfight high heels .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_it-it_18a6fde3093acac7\fucking masturbation mistress .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_60a2cbbf935c42b4\blowjob [bangbus] hole latex .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\swedish action bukkake licking .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_es-es_8bc7919d3f36cee7\danish kicking trambling masturbation feet bedroom (Karin).zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_095efe9c8261401e\brasilian beastiality trambling [bangbus] beautyfull .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\danish action hardcore hidden cock .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_3c93ac15fd731acf\action horse masturbation black hairunshaved .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\brasilian fetish fucking [free] glans .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\swedish porn xxx [bangbus] .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_00225053e03f4c04\japanese cum xxx lesbian 50+ (Christine,Tatjana).zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_de-de_5803850b2f40840e\lesbian hot (!) titts traffic .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\lesbian hot (!) (Curtney).zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_f0ca3430257ea13f\malaysia hardcore licking cock 40+ (Curtney).mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_6208b91f46896156\asian bukkake public .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_39c9d74ef2ad6c7b\beastiality sperm masturbation (Samantha).zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\lingerie voyeur mistress .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared_31bf3856ad364e35_6.1.7600.16385_none_6377027f0030a06a\danish beastiality hardcore several models .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_7f84cd98a7a56fd8\porn bukkake full movie titts .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\tyrkish beastiality blowjob voyeur .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\tyrkish animal horse uncut hole fishy .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_cd2006602e5ee22e\swedish animal lingerie catfight shower (Christine,Liz).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_es-es_5d6ada54ed6d35a2\danish horse gay big cock .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess_31bf3856ad364e35_6.1.7600.16385_none_60c2504d62fd4f0e\handjob horse voyeur titts shoes .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.1.7600.16385_none_2958d4a31d2ec64f\african gay full movie .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\sperm big glans (Sonja,Karin).rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\russian beastiality fucking hot (!) (Melissa).rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\trambling several models hole young .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_3b85bcbe4734e96a\russian cum bukkake [bangbus] .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_965db382b6fef5cb\lesbian hot (!) shoes .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\lesbian full movie granny .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\fucking lesbian cock (Kathrin,Liz).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp\swedish horse lingerie masturbation .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\beast uncut .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm_31bf3856ad364e35_6.1.7600.16385_none_5499606faffb3f9f\blowjob public .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_05ea1d9b8e2bf020\cum fucking hidden titts (Gina,Janette).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\japanese action horse licking titts swallow (Karin).mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\spanish fucking hidden hole high heels .mpg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_es-es_00bfb7e81e458178\kicking bukkake [free] sm .avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\Temp\american animal sperm sleeping (Sylvia).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_1412267f4b3bb985\british xxx catfight traffic .mpeg.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp\japanese handjob horse girls .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_bcc167434bb9b3ea\african trambling [bangbus] cock (Kathrin,Sarah).zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_9498b282333b64ec\black fetish fucking [bangbus] .zip.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_f3c374fc18118ca2\danish action sperm girls titts beautyfull (Sylvia).avi.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_2e7f079c3208e549\spanish lingerie hidden lady .rar.exe	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2908	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
344	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2444	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2908	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2288	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2012	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1648	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1448	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1644	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1604	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1524	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
344	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2424	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2444	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2460	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2824	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
592	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2908	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
700	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2288	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1804	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1804	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2012	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2012	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1080	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1080	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
448	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
448	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1648	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1648	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1340	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1340	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1376	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1376	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1380	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1380	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1608	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1608	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
1448	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 1304 wrote to memory of 2596	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	28
PID 1304 wrote to memory of 2596	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	28
PID 1304 wrote to memory of 2596	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	28
PID 1304 wrote to memory of 2596	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	28
PID 2596 wrote to memory of 2404	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	29
PID 2596 wrote to memory of 2404	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	29
PID 2596 wrote to memory of 2404	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	29
PID 2596 wrote to memory of 2404	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	29
PID 1304 wrote to memory of 2548	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	30
PID 1304 wrote to memory of 2548	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	30
PID 1304 wrote to memory of 2548	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	30
PID 1304 wrote to memory of 2548	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	30
PID 2404 wrote to memory of 2908	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	31
PID 2404 wrote to memory of 2908	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	31
PID 2404 wrote to memory of 2908	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	31
PID 2404 wrote to memory of 2908	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	31
PID 2548 wrote to memory of 2232	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	32
PID 2548 wrote to memory of 2232	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	32
PID 2548 wrote to memory of 2232	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	32
PID 2548 wrote to memory of 2232	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	32
PID 2596 wrote to memory of 548	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	33
PID 2596 wrote to memory of 548	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	33
PID 2596 wrote to memory of 548	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	33
PID 2596 wrote to memory of 548	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	33
PID 1304 wrote to memory of 344	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	34
PID 1304 wrote to memory of 344	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	34
PID 1304 wrote to memory of 344	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	34
PID 1304 wrote to memory of 344	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	34
PID 2908 wrote to memory of 2444	2908	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	35
PID 2908 wrote to memory of 2444	2908	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	35
PID 2908 wrote to memory of 2444	2908	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	35
PID 2908 wrote to memory of 2444	2908	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	35
PID 2404 wrote to memory of 2012	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	36
PID 2404 wrote to memory of 2012	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	36
PID 2404 wrote to memory of 2012	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	36
PID 2404 wrote to memory of 2012	2404	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	36
PID 2232 wrote to memory of 2288	2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	37
PID 2232 wrote to memory of 2288	2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	37
PID 2232 wrote to memory of 2288	2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	37
PID 2232 wrote to memory of 2288	2232	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	37
PID 548 wrote to memory of 1648	548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	38
PID 548 wrote to memory of 1648	548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	38
PID 548 wrote to memory of 1648	548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	38
PID 548 wrote to memory of 1648	548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	38
PID 344 wrote to memory of 1604	344	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	40
PID 344 wrote to memory of 1604	344	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	40
PID 344 wrote to memory of 1604	344	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	40
PID 344 wrote to memory of 1604	344	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	40
PID 2548 wrote to memory of 1448	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	39
PID 2548 wrote to memory of 1448	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	39
PID 2548 wrote to memory of 1448	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	39
PID 2548 wrote to memory of 1448	2548	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	39
PID 1304 wrote to memory of 1644	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	41
PID 1304 wrote to memory of 1644	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	41
PID 1304 wrote to memory of 1644	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	41
PID 1304 wrote to memory of 1644	1304	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	41
PID 2596 wrote to memory of 1524	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	42
PID 2596 wrote to memory of 1524	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	42
PID 2596 wrote to memory of 1524	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	42
PID 2596 wrote to memory of 1524	2596	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	42
PID 2444 wrote to memory of 2424	2444	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	43
PID 2444 wrote to memory of 2424	2444	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	43
PID 2444 wrote to memory of 2424	2444	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	43
PID 2444 wrote to memory of 2424	2444	1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1304
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2596
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2404
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2908
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:2444
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2424
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:2316
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:3356
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:5508
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        10⤵
        
        PID:12324
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:8652
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:17904
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:4868
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:8460
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:14044
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:7044
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:11368
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:23508
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:5556
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:12060
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:8348
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:13848
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:4876
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:8972
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:18100
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:7120
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:11420
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:23872
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:984
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:3444
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:5724
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:12380
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:7604
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:11644
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:22000
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:5044
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:8980
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:18120
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:7496
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12028
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:5620
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:12156
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8676
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:14268
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8776
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:20568
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6988
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12044
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2824
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:1672
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:3724
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:6076
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:12780
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:9180
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:18060
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:12204
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8048
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12892
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3592
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:6080
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:12316
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8628
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:17808
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3824
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:9112
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:18112
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:18780
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7504
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12036
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:2436
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3704
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:5576
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:9384
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:18084
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:4616
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:11040
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:17940
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:24244
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7976
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12796
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3552
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6040
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8356
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:13820
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8612
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:14252
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:5112
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:9092
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:18004
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7284
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:24260
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12124
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:22972
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2012
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:592
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:2260
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:3772
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:6088
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:12696
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:9188
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:20576
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:5192
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:12108
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:22956
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8060
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12812
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3576
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:6064
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:12388
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8548
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:14080
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:4160
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:9204
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:18036
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7528
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12052
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:22104
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:2684
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3384
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:7008
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:11624
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:22088
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6032
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12396
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8620
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:14112
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3924
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6332
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:14128
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:9992
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:13048
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:5388
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12172
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:15696
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:8388
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:13856
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:700
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:1244
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3752
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:5584
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:9296
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:18020
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5288
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12100
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:17588
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7400
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12948
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3652
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5712
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12772
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:23176
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:9288
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12844
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4724
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:9788
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12968
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7624
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12868
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2688
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3940
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6340
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:10048
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:5404
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12332
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:8540
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14060
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:3948
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6384
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9824
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12960
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:5420
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12084
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:19356
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:7260
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12908
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:18424
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:548
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1648
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2304
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:2648
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:4592
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:8396
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:13896
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:6676
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:11076
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:17996
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3784
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:6968
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:11608
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:23228
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5316
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12748
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8760
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:14172
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:2700
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3564
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:7200
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:11600
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:22112
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6152
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:13788
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:9320
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3996
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6860
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:11580
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:22016
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:5588
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:10040
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:8532
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14068
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1080
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:1248
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:4956
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8596
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:14036
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6740
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:11564
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:22032
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4464
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8380
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:13828
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6448
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11032
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:17956
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2488
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3840
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7020
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12140
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6188
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:21284
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9280
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:18076
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4064
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6976
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:10416
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11528
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23152
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:5704
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:10032
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23236
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:8660
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:17800
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1524
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:1856
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3212
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5224
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12180
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8128
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:11684
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:22080
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4640
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7252
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:11496
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:23032
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6704
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11444
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23108
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2480
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4532
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7596
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:11544
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:22024
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6552
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9772
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:13804
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:3832
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6592
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12164
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:5308
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12992
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:8720
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:14200
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1608
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:3120
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4720
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12092
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7840
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11536
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23516
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4696
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7704
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11668
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:22120
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6804
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11344
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:23212
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:2600
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4440
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7952
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11616
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23268
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6580
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14136
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:9764
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:13796
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:3956
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6796
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11556
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:22064
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:5396
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:13008
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:8732
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:14216
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2548
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2232
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2288
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2460
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:2872
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:3464
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:5664
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:12116
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        9⤵
        
        PID:23016
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:8668
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:14240
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:5032
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:8796
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:17964
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:6820
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:11428
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:22992
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3528
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:6048
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:12372
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8556
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:14192
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8856
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:23040
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7236
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12148
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:22964
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:2664
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:3812
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:6272
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        8⤵
        
        PID:22820
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:9408
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5320
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12188
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8080
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12804
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3680
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5516
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:13016
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:9312
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4284
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12212
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:23500
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7800
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12876
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1804
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:2888
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:4784
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:8404
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:13836
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6780
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:9936
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:13072
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4320
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7908
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12828
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6232
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9464
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:18028
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2672
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3236
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:6828
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12132
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:5756
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12764
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9124
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:18092
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4016
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6948
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11504
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23260
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:5644
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12196
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:8524
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:14028
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1448
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:448
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:1192
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:4648
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:9268
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:18012
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7680
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12924
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4472
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8120
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:11572
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:23220
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6424
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:13984
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9780
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14180
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2604
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4380
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7880
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12900
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6396
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9832
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14260
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4056
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6896
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11068
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:17980
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:5844
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12300
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:7832
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11512
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:22780
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:988
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:3156
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:5136
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:10024
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:22812
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7984
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12820
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23184
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4608
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:8452
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14088
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6692
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:13976
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:9944
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:13812
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:2520
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4100
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7432
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12076
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6204
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:9304
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12852
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:3440
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6212
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:10452
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14276
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11352
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:21992
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:5204
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12704
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:8572
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:14120
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:344
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1604
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:1640
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:3188
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:5176
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:12348
        
        C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        7⤵
        
        PID:17460
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8168
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12932
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4656
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:8436
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:14052
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6728
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:13040
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:10000
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:13064
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2704
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4304
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:7860
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:12884
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6244
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:14144
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:9472
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:20584
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:3584
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:6180
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11480
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:22040
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:5296
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12788
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23160
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:8740
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:17972
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1340
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2884
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:4844
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:10424
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7916
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12940
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4672
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7588
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11452
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:22788
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6812
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11360
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:22008
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:2360
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4168
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7696
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12220
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23860
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6196
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:13880
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:9504
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:18068
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:3420
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6928
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:10436
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11436
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:23024
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:6056
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12308
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:8564
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:14208
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1644
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1376
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:2504
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:5040
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:10400
      - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        6⤵
        
        PID:23244
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7824
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:12860
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4712
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:8028
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11460
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:23252
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6720
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:13024
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11060
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:17988
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:2624
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:4204
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:7940
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:11636
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:21984
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:6224
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:13872
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:9952
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:13056
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:1656
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:7092
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:11468
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:22828
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:6132
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12340
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12984
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:8636
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:17896
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1380
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:3100
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:5080
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:10464
    - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
        5⤵
        
        PID:14096
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:7816
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12836
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:23168
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:4756
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:8604
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:14104
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:7140
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:10384
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:15616
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:11412
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:22056
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  PID:2544
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:4504
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:8188
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:12916
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:6436
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:11052
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:17948
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:24236
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  PID:3720
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:6768
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:10392
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:17792
  - - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
      4⤵
      PID:24252
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:12068
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:22948
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  PID:5156
- - C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
    3⤵
    PID:12756
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  PID:8644
- C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\1ac719c29bcc2a5e9f1b5638230bd8c9ba8866202e3e6aeed9b1c6574f063ce7_NeikiAnalytics.exe"
  2⤵
  PID:17816

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\swedish porn xxx [bangbus] titts beautyfull (Jade).avi.exe

Filesize
105KB

MD5
56d27c759ff095748adde66df9eeb7db

SHA1
58f8e03e29d37e13ba4183a2bed3f0f56fa13783

SHA256
1b4c6a8b29db2f82e9fbb99853c7734457fab5abc7d49b1f8042342949ac31fe

SHA512
0c20b970969b6055bd82cc47604a739782a3548420c6bd9b5b0b0b8ac98994f0002314a7514275b376bbb8f1783434d5736244f6c124d3a2f57758c0a208887b

Download Submit
C:\debug.txt

Filesize
183B

MD5
4e910f2152aa5ed5b12edf4ac100b8df

SHA1
fc29571244f063e530492fa70df211906ecd26fe

SHA256
5d551eca8be53f6cd45420a4e55d2b0db9fd1ba18e7f7c19e78f4bad7b2aaf66

SHA512
69563e9ee2343b60258db88a312260bf2d866b6441f2c757b9bc6bb1529a61b654ebbe3812c566ab80592b668b9c4ac8a30bbb70fc8a7142d18f374b59c58a4c

Download Submit
memory/344-98-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/344-165-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/448-115-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/448-141-0x00000000045A0000-0x00000000045CB000-memory.dmp

Filesize
172KB

Download
memory/548-135-0x0000000005060000-0x000000000508B000-memory.dmp

Filesize
172KB

Download
memory/548-164-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/548-96-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/592-129-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/700-111-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/700-130-0x0000000004590000-0x00000000045BB000-memory.dmp

Filesize
172KB

Download
memory/984-153-0x0000000004530000-0x000000000455B000-memory.dmp

Filesize
172KB

Download
memory/988-145-0x0000000004E10000-0x0000000004E3B000-memory.dmp

Filesize
172KB

Download
memory/1080-140-0x0000000004590000-0x00000000045BB000-memory.dmp

Filesize
172KB

Download
memory/1080-116-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1244-172-0x00000000045D0000-0x00000000045FB000-memory.dmp

Filesize
172KB

Download
memory/1304-138-0x00000000063E0000-0x000000000640B000-memory.dmp

Filesize
172KB

Download
memory/1304-97-0x00000000063E0000-0x000000000640B000-memory.dmp

Filesize
172KB

Download
memory/1304-90-0x00000000063E0000-0x000000000640B000-memory.dmp

Filesize
172KB

Download
memory/1304-158-0x00000000063E0000-0x000000000640B000-memory.dmp

Filesize
172KB

Download
memory/1304-155-0x00000000063E0000-0x000000000640B000-memory.dmp

Filesize
172KB

Download
memory/1304-0-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1304-54-0x00000000063E0000-0x000000000640B000-memory.dmp

Filesize
172KB

Download
memory/1304-154-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1340-143-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/1340-117-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1376-142-0x0000000001F70000-0x0000000001F9B000-memory.dmp

Filesize
172KB

Download
memory/1376-120-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1448-104-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1448-134-0x00000000045F0000-0x000000000461B000-memory.dmp

Filesize
172KB

Download
memory/1448-175-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1524-118-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/1524-105-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1524-177-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1604-176-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1608-144-0x00000000045E0000-0x000000000460B000-memory.dmp

Filesize
172KB

Download
memory/1640-146-0x0000000001F50000-0x0000000001F7B000-memory.dmp

Filesize
172KB

Download
memory/1640-121-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1644-106-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1644-178-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1648-103-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1648-174-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1648-133-0x00000000045B0000-0x00000000045DB000-memory.dmp

Filesize
172KB

Download
memory/1672-170-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/1804-114-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1804-139-0x0000000004520000-0x000000000454B000-memory.dmp

Filesize
172KB

Download
memory/1856-147-0x0000000005070000-0x000000000509B000-memory.dmp

Filesize
172KB

Download
memory/1856-122-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2012-131-0x0000000004500000-0x000000000452B000-memory.dmp

Filesize
172KB

Download
memory/2012-171-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2232-163-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2232-113-0x00000000045E0000-0x000000000460B000-memory.dmp

Filesize
172KB

Download
memory/2232-94-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2288-167-0x0000000005060000-0x000000000508B000-memory.dmp

Filesize
172KB

Download
memory/2288-102-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2288-173-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2304-137-0x0000000004520000-0x000000000454B000-memory.dmp

Filesize
172KB

Download
memory/2304-112-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2316-148-0x0000000004E00000-0x0000000004E2B000-memory.dmp

Filesize
172KB

Download
memory/2404-161-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/2404-169-0x0000000005060000-0x000000000508B000-memory.dmp

Filesize
172KB

Download
memory/2404-156-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2404-182-0x0000000005070000-0x000000000509B000-memory.dmp

Filesize
172KB

Download
memory/2404-101-0x0000000005060000-0x000000000508B000-memory.dmp

Filesize
172KB

Download
memory/2404-92-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/2404-132-0x0000000005070000-0x000000000509B000-memory.dmp

Filesize
172KB

Download
memory/2424-179-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2424-123-0x0000000004DE0000-0x0000000004E0B000-memory.dmp

Filesize
172KB

Download
memory/2424-150-0x0000000005060000-0x000000000508B000-memory.dmp

Filesize
172KB

Download
memory/2444-108-0x00000000047D0000-0x00000000047FB000-memory.dmp

Filesize
172KB

Download
memory/2444-100-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2444-152-0x0000000004A60000-0x0000000004A8B000-memory.dmp

Filesize
172KB

Download
memory/2444-168-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2444-124-0x0000000004A60000-0x0000000004A8B000-memory.dmp

Filesize
172KB

Download
memory/2460-110-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2460-159-0x00000000050A0000-0x00000000050CB000-memory.dmp

Filesize
172KB

Download
memory/2460-125-0x00000000020B0000-0x00000000020DB000-memory.dmp

Filesize
172KB

Download
memory/2548-136-0x00000000045F0000-0x000000000461B000-memory.dmp

Filesize
172KB

Download
memory/2548-157-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2548-91-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2548-162-0x0000000004590000-0x00000000045BB000-memory.dmp

Filesize
172KB

Download
memory/2596-55-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2596-89-0x0000000004D10000-0x0000000004D3B000-memory.dmp

Filesize
172KB

Download
memory/2596-95-0x0000000004D10000-0x0000000004D3B000-memory.dmp

Filesize
172KB

Download
memory/2596-119-0x0000000004D10000-0x0000000004D3B000-memory.dmp

Filesize
172KB

Download
memory/2688-181-0x0000000004590000-0x00000000045BB000-memory.dmp

Filesize
172KB

Download
memory/2824-128-0x0000000004DF0000-0x0000000004E1B000-memory.dmp

Filesize
172KB

Download
memory/2824-109-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2824-180-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2872-126-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2908-127-0x00000000050A0000-0x00000000050CB000-memory.dmp

Filesize
172KB

Download
memory/2908-93-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2908-99-0x0000000001EA0000-0x0000000001ECB000-memory.dmp

Filesize
172KB

Download
memory/2908-160-0x00000000050A0000-0x00000000050CB000-memory.dmp

Filesize
172KB

Download
memory/2908-166-0x0000000001EA0000-0x0000000001ECB000-memory.dmp

Filesize
172KB

Download
memory/3356-149-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3396-151-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download