087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b

Analysis

max time kernel
149s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
24/06/2024, 21:57

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
Size

45KB
MD5

4fdd29ee2255d078f9b7f102b3ff3ee0
SHA1

bf2861245cfcb6a0034ea80bd5877f9f58409b6c
SHA256

087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b
SHA512

5e7a36948658ff73cba3f6d0389fbb7811c4bb14463f67618cd61ddd78a8bc5eae36819301e76523ab75a33a12aad4811804b4f21a63bdddcf6cbf854158345a
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKrxAa2a//A:W7BlpppARFbhWJmAa2aQ

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3798) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sk-SK\tipresx.dll.mui.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\rmiregistry.exe.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_zh_4.4.0.v20140623020002.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\9.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\ink\ja-JP\mip.exe.mui.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.services.nl_ja_4.4.0.v20140623020002.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+10.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Brussels.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\librist_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\drag.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationLeft_SelectionSubpicture.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\optimization_guide_internal.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.Design.resources.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ps_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.xml.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroSign.prc.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Rothera.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libscte18_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libadf_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\Help\1036\hxdsui.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Athens.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Rio_Gallegos.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ko.txt.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyclient.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\com.jrockit.mc.console.ui.notification_contexts.xml.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-plaf.xml.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-charts_ja.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\nio.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\Shvl.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\mozavutil.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\en-US\Sidebar.exe.mui.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libx265_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_ja.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Vilnius.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\librtpvideo_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\it-IT\PhotoViewer.dll.mui.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_foggy.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util_zh_CN.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spc.txt.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\grid_(inch).wmf.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Uzhgorod.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\HST.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup_zh_CN.jar.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Kiev.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\am_ET\LC_MESSAGES\vlc.mo.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\es-ES\js\highDpiImageSwap.js.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\WindowsAccessBridge-64.dll.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Melbourne.tmp	087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\087358defae20fbbcaf4a0ec96ee8e1bcb164d07b4c707e961dd971fc1caf81b_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
45KB

MD5
f46104b5201b6c90603ed369a48fed34

SHA1
e7a64f84f5cddba8c3cb472920fcf8576714726d

SHA256
f20174993a86b3541a8c0c67618b3947924e89075f6f3e3f9344940f134c305c

SHA512
b960818f569e6b9dcf9bfe31abb2cb00fe7dd664c80934135d98eedb3cd04f6afe0e84905ac7eee9e5b2712b64c283fa82aa45abe53b85804f94f175b5f9625b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
54KB

MD5
ba1caffe4388506cc029a62094a665cc

SHA1
e68606b382137b70f62ba6e76d5d925981f6e1fc

SHA256
f84daac9969db70c268481543768dfa467206b2c6071493af4c7ee7d601e57c8

SHA512
10a3d4a062e644e73f952d7df9ed4ab8c5486d1b01427317d5ef593340afb364eccc224587532359ad97b282b40ccd7e55c1a9d7d7d90045542407901a3f6918

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads