1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023

Analysis

max time kernel
150s
max time network
117s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 22:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
Size

46KB
MD5

844fc559e209719ee88a51b9d7159250
SHA1

7427c53cee1c6926353ff292c2b3407b8d853f40
SHA256

1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023
SHA512

ff1b924f87f4b2c58583759e040bf090711096152f83a985f2353de8708373083d68b868039e143849589e8a1429efe2f6e2d8353c42dc94ef17b491b0bc559a
SSDEEP

768:W7BlpNLpARFbhblkYlkuvIYFPdAJxRdAJx9:W7ZNLpApCZuvIYl

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3779) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libvdummy_plugin.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\es-ES\css\cpu.css.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\ink\penchs.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\af.pak.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-conio-l1-1-0.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\uninstall\uninstall.log.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\flower_h.png.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\jawt_md.h.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Antigua.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToNotesBackground_PAL.wmv.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derby.jar.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-snaptracer.xml.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Aqtau.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\localizedStrings.js.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_ja_4.4.0.v20140623020002.jar.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ie\LC_MESSAGES\vlc.mo.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\navBack.png.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\London.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\fr-FR\PhotoAcq.dll.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Title_Page_Ref_PAL.wmv.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\asl-v20.txt.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives.nl_zh_4.4.0.v20140623020002.jar.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\ContentDirectory.xml.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\10.png.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pl-PL\tipresx.dll.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgradient_plugin.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_splitter\libclone_plugin.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Danmarkshavn.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Mexico_City.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot.png.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\css\currency.css.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\nb\LC_MESSAGES\vlc.mo.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\de-DE\gadget.xml.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\es-ES\wab32res.dll.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\NavigationLeft_ButtonGraphic.png.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\es-ES\Chess.exe.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.DataSetExtensions.Resources.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sendopts.xml.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-lib-uihandler.jar.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\win32_MoveDrop32x32.gif.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\en-US\JNTFiltr.dll.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hi.pak.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxslt.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\lib\mailapi.jar.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libstl_plugin.dll.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\setup_wm.exe.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\wmlaunch.exe.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\en-US\TableTextService.dll.mui.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Jerusalem.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-lib-uihandler.xml.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Atikokan.tmp	1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1ed4045b341af693e43fc879ecbe9766337b6992ffde08aa290cffa73bf3a023_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
46KB

MD5
2a90a9a60df370bf86cc6d79f790838c

SHA1
f91d068d4baaf2c34d43f8d125c5aecdaac0a6d4

SHA256
c458661e05c595b5c4a98fd0de63eaab060f555e6f0376e010adc57a53c887c9

SHA512
004322abcf49ec62318e8be02ac5a8dbf572e3041763f493b702d6811b065d262a5307483b1fcb4a27ab65e16bc39aa630e8917d5dc1b65b1afee3296526e9d3

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
55KB

MD5
3b8de3ec1fc6eadf4ec9458f39705d9c

SHA1
2992a798e2c454a11bf3da7355c544d29d9ad201

SHA256
1dab2e0d8e4cecbf2921dd172fb27470c94c2c11535867db6a743d92c7bd6980

SHA512
4559ee7d3f4852e6e6aa8a2f85291c53167c5afb03a5326d240a53e087e9072486d139d7974f8a4676175db8b06055d0dc55a373e12e208755fed0fece2dfd57

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads