579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
28-06-2024 01:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
Size

80KB
MD5

0ae3d95b5f1dc0e488cf6adca547c410
SHA1

232c2b01e817705621b4df9382d4c95da93fc8d2
SHA256

579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9
SHA512

8387e38235866a80dbfa1201fa615e56c2f63e4934e4a64bb1440906ff52d6b5ab4d27e81217ac59931c81c6a1d7edbbd100e577a05186cc7eff9422a2980f33
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhD:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsm

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3529) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Mozilla Firefox\browser\crashreporter-override.ini.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Routing.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\speaker-32.png.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hovd.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+12.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_box_right.png.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Vincennes.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\Mso Example Setup File A.txt.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_zh_4.4.0.v20140623020002.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\br.txt.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationLeft_ButtonGraphic.png.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\whiteband.png.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Asuncion.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mip.exe.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\El_Aaiun.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libcache_read_plugin.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\it-IT\MsMpRes.dll.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_zh_4.4.0.v20140623020002.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\IA2Marshal.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.DynamicData.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\js\settings.js.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\combo-hover-left.png.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InputPersonalization.exe.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\auxpad\auxbase.xml.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bahia_Banderas.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-loaders.xml.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\atl.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\FlickLearningWizard.exe.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Brussels.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\it-IT\bckgzm.exe.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libnsv_plugin.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_mosaic_bridge_plugin.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AMT\AUMProduct.aup.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_zh_CN.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\installer.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ChessMCE.png.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\de-DE\FreeCell.exe.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\ReceivePop.DVR-MS.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\tet\LC_MESSAGES\vlc.mo.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.workbench.nl_ja_4.4.0.v20140623020002.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-cli.xml.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\boot.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-jmx.xml.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\JNWDRV.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sampler_ja.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Gibraltar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\Accessible.tlb.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Xml.Linq.Resources.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\fr-FR\Hearts.exe.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\bckg.dll.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\setup_wm.exe.mui.tmp	579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\579d17b25baa29ee5f38d051951fb8291729b87d4c106d3a84c772da1c6191b9_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
80KB

MD5
b040800b810ec09f9563108524b5ec6d

SHA1
7708e992f0b62ae70c708ad117b73a55a749e2bb

SHA256
4a3a10b84cb7f7430f8124e9196b3a17fc5ab8a06be2cb7f4f1d71d26eebc865

SHA512
7a22379b650cac910820a73a62ca39c0d9657e51b33bbf3e69e41743dc2de3fecc9af515704456a97efc18d12adb0d34191c1807c3f9ee8180dbcae9948d3495

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
89KB

MD5
4257bc6df7818096728e1b6ead0627b9

SHA1
a701e799acca114821ef35081f810d0cbda7630a

SHA256
8c76f680098373f57cb5fee63e41313f74759384d678c7bc18d021358374f88e

SHA512
0397176a272a10b3dececf209fdc7d582903fc3c2dfc1e39a8108835acff975e87a1ff55e3702d117f7bc4950c03b39d5132494aec4aa9e0642b9f0606f4c6cc

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads