1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44

Analysis

max time kernel
150s
max time network
123s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
25-06-2024 23:03

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
Size

57KB
MD5

8463d8c79c47e6cce95eb29be938c3f0
SHA1

0528a5658deaee2eef2cc6b3f382023beb85d937
SHA256

1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44
SHA512

29481edcbafe42ce2cc4487dcd682b63a4996b51610a7b63a28cbeee0c6e732954a393565bfc2277f140bd380239126b330609914f7bde4a172c0e8b66278023
SSDEEP

768:W7BlpppARFbhWJq5nosMosAaanUATJ6UATJs:W7ZppApF5noZozT

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3564) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jvisualvm.exe.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\.settings\org.eclipse.equinox.p2.artifact.repository.prefs.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.di_1.4.0.v20140414-1837.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-14.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\RedistList\FrameworkList.xml.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\0.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\5.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipRes.dll.mui.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Flyout_Thumbnail_Shadow.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.http_8.1.14.v20131031.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\back_lrg.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\tabskb.dll.mui.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boise.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\YST9YDT.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.eclipse.nl_ja_4.4.0.v20140623020002.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_ButtonGraphic.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.xml.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.engine_2.3.0.v20140506-1720.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-attach.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\wab32res.dll.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainBackground_PAL.wmv.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-outline_ja.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-core-kit.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\java.policy.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\js\picturePuzzle.js.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_SelectionSubpicture.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\1047x576black.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\WMPDMC.exe.mui.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\gadget.xml.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotslightoverlay.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\wlsrvc.dll.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Qyzylorda.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Maldives.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\it-IT\FreeCell.exe.mui.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_divider_left.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\de-DE\css\picturePuzzle.css.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Juneau.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Davis.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Buenos_Aires.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\ja-JP\MpAsDesc.dll.mui.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkWatson.exe.mui.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-awt_ja.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\UIAutomationProvider.resources.dll.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\service.js.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Prague.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-charts.jar.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\css\settings.css.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Beulah.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Cave_Drawings.gif.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.rcp_4.4.0.v20141007-2301\feature.xml.tmp	1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1fa71c104b749a5db1dab185eccd4e14222fc8c5a9a6d7b5dba717c7abca4b44_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp

Filesize
57KB

MD5
1b11a165cc3feafaef21197e967e34ee

SHA1
9ef2d54a51b5fca43c9fcce07926a2063d43850c

SHA256
ecc4028e99b684c26c6c7343554f68a866c3ee71ee882c438919d3138ee77641

SHA512
55fb9df3810a41f5af64b5da77c98b2bf0289419d7148b55556046c42fe3be14b3fab114b3943d0659c8af92285c35a5cace5ef055c716802e66f4e0fc2c9abc

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
66KB

MD5
9747f582ed06e9fc9511053e1b5f3451

SHA1
b529eade54e0ce672aff8771986a7adf6dad65db

SHA256
547f335afda5b1ed0640d6e9005b9770618f8da6026bca82ad70e51897c854f4

SHA512
61d2eec8d34438160e664bc33e39a84708371fb0e366b4405ff7de3bbfb6b373d7b72bc3e6448d66084c4cf8ebae44dbcb776cf2737aca997a6946563362e746

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads