5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255

Analysis

max time kernel
149s
max time network
120s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
29-06-2024 04:05

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
Size

94KB
MD5

f37d0966b2cd54540b19565f86aba2e0
SHA1

4b8f1b871cae7ed7eb3f9c504993762f96c59609
SHA256

5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255
SHA512

f84e2a8727911cd68431f215d03f8b272c4717f3f5da290c94a4fe4baa6f503aff96fe81a784c808512e7352b3aa035b85ecb8bd253f48249d7d7eb75630aadd
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/OfxRfxHAu39Au3Ww2wb:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf77

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3484) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_winxp_blu.css.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Guyana.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_75_ffe45c_1x100.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yekaterinburg.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\olh.htm.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Tijuana.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\it-IT\WinMail.exe.mui.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-keymap_zh_CN.jar.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-keyring-impl.jar.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Jayapura.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\zh-tw.txt.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\1047x576black.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\epl-v10.html.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Monaco.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core.xml.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\fr-FR\Hearts.exe.mui.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libx26410b_plugin.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_ButtonGraphic.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_it.properties.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsfra.xml.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\PurblePlace.exe.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\currency.js.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\LogTransport2.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_zh_4.4.0.v20140623020002.jar.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\zip.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_blue_snow.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-last-quarter.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sw.pak.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler.xml.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\de-DE\jnwdui.dll.mui.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\gd\LC_MESSAGES\vlc.mo.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\feature.xml.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.jdp_5.5.0.165303.jar.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net_1.2.200.v20140124-2013.jar.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightItalic.ttf.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\UIAutomationProvider.resources.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mip.exe.mui.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-over-select.png.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Guadalcanal.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\fr-FR\sbdrop.dll.mui.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\js\main.js.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkObj.dll.mui.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\resources.jar.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\it-IT\js\cpu.js.tmp	5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\5f673128dd68e90b93ea351573f8cd67d2619e29535c8dd1759ab62a891b9255_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2244

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp

Filesize
95KB

MD5
5899c65e0babdabf680ed6898e1cd807

SHA1
8c14ed7840a4dc38c0b174df24afc1d2bf41ee69

SHA256
bd5d6755d32331d1dde1233a26893ebe5d72fdeb79c5105c3a27852a737d6ec4

SHA512
6f12eb05d3cb55b763c249f8e7051d535ebc20dece2bbac397534cdbcb88d302d53d7970e01834153266643dc2c4649b010a18d31b4174cb4d7251d77ce09ad4

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
104KB

MD5
3c6057c7d656ce542209b174950e1a0b

SHA1
c2327c532a9fd34946e611c976468363d0da9801

SHA256
a90ffcb744581973527204bfeae08c2de622950edb086f785d70b4ae1e94d648

SHA512
c34271275206e2701720bdb6902ec89a3860ec3354c328e4377c6f1b852adaf41bf45ce95beb3f4f3e2747c9b555de1ccc56056166597dd6c263fb1a8a1a3baa

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads