4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 00:26

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
Size

80KB
MD5

681d6ea7778ded0bcb69da05170ebf10
SHA1

e8393d5bbaaf885e709da88796317f2e51e42ef3
SHA256

4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486
SHA512

210e81fdcfa0096b336539d4aa0bac4893a20240481fe5ef310750096ccf5443d6ae9c8331d6dd464107b98cc7c37d045b5efb6e73f3e5cf7cb5a1511361304f
SSDEEP

1536:/7ZQpApze+eO888888888888888888888888888888888888888888888888888c:9QWpze+eO8888888888888888888888F

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3482) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrespsh.dat.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Madrid.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.ja_5.5.0.165303.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_settings.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-heap-l1-1-0.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.Printing.resources.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\pushplaysubpicture.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-10.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.docs.zh_CN_5.5.0.165303.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-queries.xml.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-selector-ui.xml.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.text.nl_zh_4.4.0.v20140623020002.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\javacpl.exe.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Syowa.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\Documentation.url.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\es-ES\MsMpRes.dll.mui.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IpsMigrationPlugin.dll.mui.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Fiji.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\Chess.exe.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-fallback_ja.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-print.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\localizedStrings.js.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\sbdrop.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\15x15dot.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_ButtonGraphic.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\ipcclientcerts.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\es-ES\Sidebar.exe.mui.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\IpsPlugin.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\policytool.exe.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.directorywatcher.nl_zh_4.4.0.v20140623020002.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.security_8.1.14.v20131031.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\WET.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\defaults\pref\autoconfig.js.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\Microsoft.Build.Engine.resources.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\ja-JP\PhotoAcq.dll.mui.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InkDiv.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Manaus.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Belgrade.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Moscow.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\31.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_sun.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ndjamena.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-fallback.xml.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_ja.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-execution.xml_hidden.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvmstat.jar.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Santo_Domingo.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libspdif_plugin.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\de-DE\PhotoAcq.dll.mui.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Dublin.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\buttons.png.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d11_plugin.dll.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\ja-JP\css\clock.css.tmp	4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\4b8c793feaff5b6c3df17a5eb00f8f7f879abe543514361cce7df88ba1b3a486_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2168

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
80KB

MD5
24920685ff55327d783384b4f949f7f9

SHA1
dd5c823d40aa7dba9fbd472e223ce3192b63edfe

SHA256
b6a841d2f92174148b1738923156b4a591583c43174ec395a8cc426fee474794

SHA512
af6e371af66e8ba960565fa010decf94537494741d7d6e97184b9a084fd55902e5c2aadca85c9425117db4c2e2ed9e8e0557cbe97a7e4a792d39f7b436152e3b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
89KB

MD5
c4c5e6f755fd37fe011ff681948ec8fd

SHA1
23023b2d9aa877fd8f8f05b8c883538b30517707

SHA256
895ed81081d4d545e706976f0f40eef14c4687836ef413fb2af3f47f5419871f

SHA512
02c16cf2f164434eb70940ac47e23e3457eb5fbcfb7a8690544ea5885559cfca77e480e0993e0172b556c5b0501367b2b1199bc3233d8335aa581a68b0ab67c7

Download Submit
memory/2168-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2168-658-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads