047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0

Analysis

max time kernel
149s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
29-06-2024 22:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
Size

76KB
MD5

8fab3c5c3d145335cd291fcd8532bc60
SHA1

5c985405a19ebe47d60644593987bbbcc3694032
SHA256

047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0
SHA512

252a6ade9f13286a3228a686c5da12e3b6de538ed4ca04a99b060b6ec78aa75a02d2687f3e5b85a6ae65a09bbbe3a79f8222ed40614c0aaef1f4fcfc9d9ea2ff
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhd:6pWpUFpEhLfyBtPf50FWkFpPDze/qFss

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3693) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationLeft_SelectionSubpicture.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Tegucigalpa.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di_1.0.0.v20140328-2112.jar.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-output2.xml.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\lt-LT\tipresx.dll.mui.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\UIAutomationClientsideProviders.resources.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Montevideo.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Riyadh88.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\feature.xml.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Paris.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\vlm.html.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-templates.xml_hidden.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\javacpl.exe.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\split.avi.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\sonicsptransform.ax.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sl.pak.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-14.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-actions.xml.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)greenStateIcon.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\COPYING.txt.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\flyout.html.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\Logo.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_fr.jar.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-13.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\Chkr.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.Services.resources.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_search_down_BIDI.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\de-DE\DVDMaker.exe.mui.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\about.html.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+7.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\ja-JP\ShvlRes.dll.mui.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\eventlog_provider.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-utilities.xml.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\system_s.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\settings.html.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kolkata.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jdwp.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\flyoutBack.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\RestoreAssert.mpp.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\fr-FR\js\clock.js.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdfmap.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_frame-imageMask.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\FormatCheckpoint.crw.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sampler.xml.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPWMI.MOF.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ja-JP\wab32res.dll.mui.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Moncton.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\ja-JP\wmpnscfg.exe.mui.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Aqtobe.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Berlin.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadomd.dll.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.operations_2.4.0.v20131119-0908.jar.tmp	047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\047320579e9333c465cac76f3988ee55f1a53234f245215413da679ac6491fa0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
76KB

MD5
eab5f2eca3396fe33c417706af1600c6

SHA1
deaff5e00ec2620ded9b1801be894af6142864bc

SHA256
58e85cf81a86fdd2b0274e030799325be918b0c5d71ebc8951b66eac7a5b5f24

SHA512
76ea4410d35172c3721e66e2fc7c89c75fd0c6aa2a24ec4eb9009aff4723ea9e5b1a830983d5517eeb9fcdf6770d39e22653b726b800983a039e6d07e2856910

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
85KB

MD5
5c498494ea2c3de2c8a0cb52a21857d9

SHA1
8a7715eab7fa9750fb0492c87e306e06d7f8ff78

SHA256
821962f3a738f6177c41a7b10ed04f57127b9996d61bb966adf42300abca4287

SHA512
5dc27fe2d125e4cd624f8102f19afb2df380d5d92872fa4558bd5460c894c0e8fd880cb1c7b8e71a56277bd0be94ed3fe72c9e17f82d868cbfd64574b39f11d3

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads