92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
28/06/2024, 10:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
Size

95KB
MD5

5e146ccbc5cc68a8ef44fe018d68ac40
SHA1

911c8b16f4f5f45a815bf25dd664f82c82c789e3
SHA256

92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04
SHA512

d97b83bd68d514befc8616f79fefb89a68483152fb630f29c3a420f4124dd20a6c483c843e9a134c1c3ce217a3b64a19951c77cfdc3d67d5d5312690f7350603
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/OfxRfxHAu39Au3pyDxsyDx1:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7A

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3498) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\flavormap.properties.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\management-agent.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk15\windows-amd64\profilerinterface.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-lib-profiler-ui.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\mpvis.dll.mui.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\month.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\gu.pak.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_zh_CN.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Perth.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcs.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado15.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Mahjong\es-ES\Mahjong.exe.mui.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_10_p010_plugin.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\ja-JP\NBMapTIP.dll.mui.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mn.txt.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.nl_zh_4.4.0.v20140623020002.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-settings.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\btn-next-static.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-highlight.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\Center.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_ja.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\gadget.xml.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\in_sidebar\bg_sidebar.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Esl\AiodLite.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Web.Entity.Design.Resources.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libgnutls_plugin.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\fr-FR\Sidebar.exe.mui.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Zaporozhye.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\prev_rest.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\mr\LC_MESSAGES\vlc.mo.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_rtl.xml.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ta.pak.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kamchatka.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Luxembourg.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\ECLIPSE_.RSA.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\drag.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic.ja_5.5.0.165303.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\jfluid-server.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.RunTime.Serialization.Resources.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-compat.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Star_Empty.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\css\weather.css.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\shvlzm.exe.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSLoc.dll.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui.zh_CN_5.5.0.165303.jar.tmp	92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\92ce082e8e3a422071002d21b2f246c0624f2c3a436a5ea85625bedbd6538e04_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp

Filesize
95KB

MD5
b3c4071d2995715d5f3fe9f34f67a4db

SHA1
a8daad165fc57df683b0867f231ad85e810f3f41

SHA256
36d63e3ac078ae26cf785222dff790363782201b4404b6c95412804a65cab775

SHA512
dfca0732bf3c16864ce3650139daf7b4fea58bda271e301967f9d76bce789c127a18c2511df4831ab4de68968c99fc769b38df0f851502b7e0cb41a31784aa3a

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
104KB

MD5
1bae142cd1d7bc031976e3ef91e12ac3

SHA1
f9fb1f67673dc39165b24a261324c29b9aaf45dd

SHA256
204874fbbc9fd28a04bc7b6ccca6dc700cd1ecac304ec16e7c06c5b419f106ba

SHA512
58fb541183c4076e9788eead9d7b59f0166c4b98a6a1f222ad5378d2ef52000298bcf3410c958a8d8dc77c623fd719bf900cb5804a2a8f14dbc9c67e1666261d

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads