986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
24/06/2024, 17:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
Size

95KB
MD5

63703581168568425f8df2756bad6330
SHA1

5a28cf0f30cbb7140eb846e23e83200eba9aa9b5
SHA256

986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b
SHA512

abc1638e4349010d6c432d8a5295a73542bcbbe5f7cb71f94937d9396192ef0ac7c0a2e18cbaf0028acabe2906d1ed16e8cd8284e3081a1d42e2328bceb20b3f
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/OfxRfxHAu39Au3lCJ:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7W

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3451) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Title_mainImage-mask.png.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Paris.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.properties.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\gadget.xml.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.alert.zh_CN_5.5.0.165303.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-spi-quicksearch.xml.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hy.txt.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IpsMigrationPlugin.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Cuiaba.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Mahjong\Mahjong.exe.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcer.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.console_1.1.0.v20140131-1639.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-search.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Scenes_INTRO_BG_PAL.wmv.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\about.html.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_divider_left.png.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libbluray-j2se-1.0.2.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_chromecast_plugin.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Notes_content-background.png.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfxrt.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MST.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Antigua.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\cs\LC_MESSAGES\vlc.mo.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_settings.png.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\IpsMigrationPlugin.dll.mui.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\osppobjs-spp-plugin-manifest-signed.xrm-ms.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\menu_style_default_Thumbnail.png.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository_2.3.0.v20131211-1531.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\ja-JP\currency.html.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\topnav.gif.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IPSEventLogMsg.dll.mui.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\splash.gif.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Karachi.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\uninstall\shortcuts_log.ini.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\LICENSE.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\java.exe.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\dnsns.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\license.html.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Services.Design.resources.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\calendar.html.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench.nl_zh_4.4.0.v20140623020002.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IO.Log.Resources.dll.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Sitka.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\SelectPublish.edrwx.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkWatson.exe.mui.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.text.nl_zh_4.4.0.v20140623020002.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_ja.jar.tmp	986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\986691f6edcce5dfaf1aa733358eef9f6dbe84b7db01e45023fd04e03425b22b_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2860

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
96KB

MD5
52b7c189d98ddda01d782670e08cba21

SHA1
8f8ae6c5762d14589d1eaac60d9e6f153d48eb25

SHA256
3d4c974cb4c9e3dbc4895e8f68e630a03de51e9746c4a9b09d63e192d61611ba

SHA512
fd55dd82967b824feb3cc9b6b18c55095c5eb6a5669c18adfa8ab032eaa4570670ae004013bb120c6dc188f48304685ef2842fe88ad55937954103239690712e

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
105KB

MD5
bc80111543594042e5610544a7261a75

SHA1
dd24cdf7c95aadbb7ec756974a68b5a145bf213a

SHA256
47283f557d33a6106bcbded12bfe3e209c11907d735f6e73278789658c1a970b

SHA512
d8fb7160c78fb5fb1f02551f1a8ad66995fad156721e7bee9ad7cb1c57b88b11166fc9b3db6f573d3598579fbc68349b3e1bb0cfffa15ba3db8a184a70ad4f78

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads