0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25/06/2024, 20:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
Size

53KB
MD5

de747f7a104369c297617ebb056a5090
SHA1

448034fa4ba591b94c5b3221a1ed806284f67e60
SHA256

0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5
SHA512

6d28e639acd6c81b6f3248e3ff91d91299064ce857736b19c4516641e36f8b4981b795e9ace8e092d3990c1ace0b3abf581241380d3ffb6cb5a41e6ef0cae61f
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKrbArA5SJOgArA5SJOnQWp2LWpL:W7BlpppARFbhWJjrA5SJYrA5SJ25pHpL

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3492) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\javaws.jar.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\New_York.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_chromecast_plugin.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\gadget.xml.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRdIF.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Sakhalin.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-options.xml_hidden.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\rmid.exe.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\47.png.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\en-US\DVDMaker.exe.mui.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Chatham.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\license.html.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\feedback.gif.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\eula.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\EST.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.DataSetExtensions.Resources.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\sr\LC_MESSAGES\vlc.mo.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\de-DE\gadget.xml.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\fr-FR\css\calendar.css.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Broken_Hill.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\title.htm.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-attach.xml.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Cambridge_Bay.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\de\LC_MESSAGES\vlc.mo.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\RSSFeeds.html.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msaddsr.dll.mui.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\GrantClose.vbe.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Mendoza.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPOlive.png.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core.jar.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Tripoli.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\eu.txt.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_mp4_plugin.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\js\highDpiImageSwap.js.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nl.pak.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.director.app.nl_ja_4.4.0.v20140623020002.jar.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_ja.jar.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-api.xml.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\Accessories\fr-FR\wordpad.exe.mui.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\css\settings.css.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\es-ES\msader15.dll.mui.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\it-IT\css\settings.css.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\Parity.fx.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs-nio2.xml.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-lib-profiler-common_zh_CN.jar.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\FreeCellMCE.png.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libblend_plugin.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\ccme_base.dll.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG_PAL.wmv.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\precomplete.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac.tmp	0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\0bd8a526719c10a0735bd3a2140c62a7ad68902da655722fb1eed4cab20ac6d5_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
54KB

MD5
6f94ba91683b5ddda6b561a7ddfeea85

SHA1
51d944214d6ca03160527c5c8cb9492111a8ad62

SHA256
d7de49f60b247119b6da5bad5e465a1afa68e2bc5ad0f2bcee6e049e3e3ad229

SHA512
215a3b4b9681f3053996abf4d6f59d8263f2105aa420c0ead1ab514757992db535e195d9aaa3e4ffb782af8a327e67145371aef6d422ef2f2e38930d7c6e07cd

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
62KB

MD5
fed2d6e5b0726b839e32eb3274139914

SHA1
3560b5d34840f5e4f6631bb75d05baba435649eb

SHA256
d021d951f2b5b49f6c357f9d4210c35d8f96041f77ff8a7580d6d8318a82a854

SHA512
7bb04a4c22ec519a99b8fb5b58f6bdd28ea9120e8d54784462cc40907bc728714bc0a73ced546350207f037c3e31f0158ec212a2bf30609236ded2b8f5dc6b4d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads