1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448

Analysis

max time kernel
149s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 01:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
Size

96KB
MD5

3dd136d349805c74be12b7e1b1a8b640
SHA1

d4006aa13a0ba7eef13bb95fe6ba90ecae4d9c9d
SHA256

1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448
SHA512

2d9c84011a52c93f6baad8414fff82907bcff5249599be5726663e18953b6e27848f012ae6481514f09e3e5d2567eae7500fa3a4654ae7d880fa715d0ad8ef5e
SSDEEP

3072:9QWpze+eO888888888888888888888888888888888888888888888888888888b:Lpe+ekeq1V

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3429) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-heapwalker_ja.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-oql.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages.properties.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\it-IT\shvlzm.exe.mui.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\unpack200.exe.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunjce_provider.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\org-openide-filesystems.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\WMPMediaSharing.dll.mui.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\msdasqlr.dll.mui.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jhat.exe.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_foggy.png.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32.dll.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-core.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\ja-JP\js\settings.js.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_zh_CN.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaTypewriterBold.ttf.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\highlight.png.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Almaty.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bs\LC_MESSAGES\vlc.mo.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_asf_plugin.dll.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\es-ES\settings.html.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.renderers.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-dialogs_ja.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_zh_CN.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-spi-actions.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Regina.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\de-DE\gadget.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ro\LC_MESSAGES\vlc.mo.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiling.xml.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\favicon.ico.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Palau.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp.zh_CN_5.5.0.165303.jar.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\.lastModified.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.Design.resources.dll.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\it-IT\ImagingDevices.exe.mui.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-previous-static.png.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToScenesBackground_PAL.wmv.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\msvcr100.dll.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\telnet.luac.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_color120.png.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\it-IT\WMM2CLIP.dll.mui.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookicon.gif.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\sysinfo.bat.tmp	1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1e652fdf0576cad2fc3dea8cda23936978f64c2c746ce382b5cd8c4108eb7448_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
97KB

MD5
f65e1cfbc4ef6c4b020ebd93eef5cdc7

SHA1
30cdd64761c0b390e3d6bc53236d5b46d672e3b0

SHA256
e21f8383f308858a9d4bd20dcfe98ecfb7d0c35e8c6d4fe9ead9172df81249f1

SHA512
a21296c005c29cd7f7f5d4e3c1520a030e64218c006d0db188698e1a94f0d303abd808fe75a1872f610f64bcc52d8916a649074a3dfa778b18a60b394c381aed

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
105KB

MD5
c4ea4ea3013df5c9e3e9abbb10d24e78

SHA1
18d4aa510796c9836e61627ab7d13d54dd10aac4

SHA256
4d914749853096413b91ab4dba6304fda2b9aa05c060c054bd065ad5a1f4594d

SHA512
4237418c976edff6100c3aff7b2fe5c8f60e9985b7425df58c019bd23c2cd8f21744fd72ae6515a55d2fbd7aa4b793052b258b64755c1014961677c31e3b0f10

Download Submit
memory/2248-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads