0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 23:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
Size

69KB
MD5

cd4d3bb4ec86aed86654e6769fdc4210
SHA1

94bf5d80a1c7fc9fe6dcce4aba6b694889630d13
SHA256

0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123
SHA512

1f52f5c00e0915d10c53565edcf51c36bd6a2813dade48a941960bc8eb46b3a0dec8426df6ed9e6c5afe52fbd392b704096be37c36437b72ff86037f695ba694
SSDEEP

1536:/7ZQpApze+eJfFpsJOfFpsJYp4p3pqpglgZhZg:9QWpze+eJfFpsJOfFpsJYuflgZhZg

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3512) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\rtstreamsink.ax.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\full.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Ceuta.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Network Sharing\wmpnss_bw48.jpg.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bNext-hot.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\PMP\AdobePDF417.pmp.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_hover.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\micaut.dll.mui.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\HideRemove.rle.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp_5.5.0.165303\feature.xml.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_ja.jar.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\Microsoft.Build.Conversion.v3.5.resources.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\WMPDMC.exe.mui.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ta.txt.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.jpg.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\btn_close_down_BIDI.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msaddsr.dll.mui.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Taipei.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Beirut.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Yerevan.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\images\dialdot_lrg.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ro.pak.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\Welcome.html.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.properties.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\spu\librss_plugin.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\visualization\libglspectrum_plugin.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\about.html.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_zh_4.4.0.v20140623020002.jar.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_ja.jar.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_left_disabled.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mng2.txt.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hr.pak.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vulkan-1.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\en-US\chkrzm.exe.mui.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\Microsoft.Build.Conversion.v3.5.resources.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\fontmanager.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\high-contrast.css.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\java.policy.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IO.Log.Resources.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationClientsideProviders.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\fr-FR\css\picturePuzzle.css.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Antarctica\Troll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\management.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Saipan.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\en-US\WMPMediaSharing.dll.mui.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\18.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\jnwdui.dll.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Monet.jpg.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-back-static.png.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+11.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Cocos.tmp	0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\0a8a8d27b7828b9035b2b7db3f0a4d0c0da507b8a22b66bc8d98e45d439ca123_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1340930862-1405011213-2821322012-1000\desktop.ini.tmp

Filesize
69KB

MD5
f0cb8cb3a0e59423a92f8530613404a6

SHA1
8ef9b03f52e99efc2a7c1a8e0444ce6a4e0fb953

SHA256
682fbf372d1821574caf0c22e56d01b046875d5aee1aa3f8ad1c911798e3f4b4

SHA512
5eea2db908d9affc17b21eea930908d950c7c294bf2cf649c597915cf0566a71bd82ad0f7abb6f88ce5946e28c044305ef75247d29939c97df403d39a4ec5ed2

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
78KB

MD5
f9ea46c3e3ffda7559c7c494f4d18659

SHA1
efcef3477bffb5b5b1011ba5457f508231d8bef4

SHA256
3db56c8a1c4884ae22310875514153006e26923c6648cd4d26382e4a767d1ef0

SHA512
59ff819f27455d19e806d0a30be496856678d9c215992d9dd6b16bd91a924b1d2eff4d8cee1c3b1c1d4178f8f0f05538059505ed03ec1cfe9a0117bc3f275298

Download Submit
memory/2088-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2088-650-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads