032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e

Analysis

max time kernel
149s
max time network
118s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
29-06-2024 21:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
Size

86KB
MD5

7128224987fb2a7ffce031a33a937ef0
SHA1

4ed420c8eefed4b7965e4926a7e14a97d576bf76
SHA256

032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e
SHA512

6a31ada6fcffb241ce801f9b1f06780f16a71164f557c135922cf38de8af41ba0eeb1c9ece70b9e8739237a96d66f06cd4bfde42d752a0712ab0fcb48320422f
SSDEEP

1536:/7ZQpApze+eO888888888888888888888888888888888888888888888888888C:9QWpze+eO88888888888888888888887

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3502) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-core-kit.xml.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jdb.exe.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh001.htm.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-loaders.xml.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Nassau.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\application.ini.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.Speech.resources.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\calendar_double_bkg.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\css\flyout.css.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipBand.dll.mui.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\PST8PDT.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.osgi.compatibility.state.nl_ja_4.4.0.v20140623020002.jar.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\keytool.exe.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.preferences_3.5.200.v20140224-1527.jar.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-dialogs.xml.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_zh_TW.properties.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\ShapeCollector.exe.mui.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Services\verisign.bmp.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Noumea.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\en-US\MpEvMsg.dll.mui.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\ja-JP\wmplayer.exe.mui.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\triangle.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\fr-FR\js\slideShow.js.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-keyring-impl.xml.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Managua.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Page_PAL.wmv.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\JAWTAccessBridge-64.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libposterize_plugin.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\15.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_precomp_matte.wmv.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Printing.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-3.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_down.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\sawindbg.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-editor-mimelookup-impl.xml.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\it-IT\js\calendar.js.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jabswitch.exe.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\css\blafdoc.css.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.css.sac_1.3.1.v200903091627.jar.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application-views.xml.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_SelectionSubpicture.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_it.jar.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\en-US\sbdrop.dll.mui.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-border.png.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nassau.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libfps_plugin.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\de-DE\MsMpRes.dll.mui.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\WMPMediaSharing.dll.mui.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\attach.dll.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\asl-v20.txt.tmp	032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\032601ba4b164d62e1869183b8bfe5a716ae084af72ffe45b90eff748cc35b5e_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1752

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp

Filesize
86KB

MD5
027b06c0ff83f5d51a3959c019dc89a8

SHA1
d3b154e5a7b19e125f649f2aaaa51d71dbe602af

SHA256
4b268f1ecc36dc5028bcf4fb9a6a374d48ac8a9ede7e64ad30fc72f25dcd3d3b

SHA512
696054180e87ebc5cbc4e8a00836fc64b4ee4b0487dc6a1cc98d12b41ecc3ae1056f284f3ec015d634fef63b218ee579416cbf1cda0c481b6791ab68180ae581

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
95KB

MD5
2bf093a7054f230fea0bf74a913e4206

SHA1
eaf172be224cb08a64690ff6e810f539fc554038

SHA256
90e2d155c886094118f8af8939b526065455f89cfcb6d9668030da3d674374f5

SHA512
23b614c0b98a6ee2a19cba3aaff77f9d28b1464d60c04dc0dc263ab0481a635043adfff828c7602ee59250377f20c734272e3501269e6170c695def6eea08357

Download Submit
memory/1752-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/1752-652-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads