a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
29-06-2024 10:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
Size

90KB
MD5

3781a461826f037409eeb64bd03b31d0
SHA1

3a5597b740244af3afe031c451d2394d932952d5
SHA256

a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e
SHA512

4785b9f5169b1ab9ca2d4bb6d88d1ea4605a2be784dfeb05b760abb01a75d6ad16d5d8d74ea309566af2b636d98b46b08f27fefc1c8b5cddec977c3dd16c03e8
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhb:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsG

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3433) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Apia.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\blackbars80.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-options-api.xml.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-execution_zh_CN.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-11.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\com.jrockit.mc.rjmx.metadataprovider.exsd.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-api_zh_CN.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ts_plugin.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\en_GB\LC_MESSAGES\vlc.mo.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DebugUnprotect.cmd.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\NavigationRight_ButtonGraphic.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\TravelIntroToMain.wmv.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaire.exe.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\mshwLatin.dll.mui.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_de.properties.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodbig.gif.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\travel.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\jsdbgui.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Perth.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-progress.xml.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-threaddump.xml.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_highlight-soft_100_eeeeee_1x100.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libsftp_plugin.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\plugin2\msvcr100.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Marquesas.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\PST8.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\jquery-ui-1.8.13.custom.css.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libcaca_plugin.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\ja-JP\DVDMaker.exe.mui.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\F12.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\keytool.exe.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpcore_4.2.5.v201311072007.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.core_5.5.0.165303\feature.properties.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_sv.properties.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InputPersonalization.exe.mui.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.update.configurator.nl_zh_4.4.0.v20140623020002.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\co\LC_MESSAGES\vlc.mo.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\ipcclientcerts.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Data.Entity.Resources.dll.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_Buttongraphic.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Managua.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.app_1.3.200.v20130910-1609.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-bootstrap.xml.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-attach_zh_CN.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\vistabg.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\it-IT\WMPSideShowGadget.exe.mui.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\MET.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.observable.nl_ja_4.4.0.v20140623020002.jar.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationLeft_ButtonGraphic.png.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\it.pak.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\ie9props.propdesc.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Monterrey.tmp	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\features\[email protected]	a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\a41bf5e2625abeb3c4ed9683f5c947f281f850be9f0650971ac18ec4d60f409e_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2240

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
90KB

MD5
40a96fb39d1687290f17bfb797545bf0

SHA1
64183bf8f32917e0f37c7d60314efeed6b0b736c

SHA256
0fbf7d33701b5893d0e28117b52ad2e5b8356d15b3e7c633ee51d987c85fccef

SHA512
bada9e674712ba9da5275870318229c0a4de861484c74812768fd708d5d81bb852c6a2938efe5d4fdf5a7c500e563f369e69e618797f6cc712a81959618bc529

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
99KB

MD5
868efdaf83a28d4949459533146f2cbe

SHA1
1cc8807d894c7acf4980b3fab84e536457ea7806

SHA256
a5d12bc76a4afa8a76c058e0e87979bf0e2305b2ead46f935febf5722c99ef9e

SHA512
b22a148d4623faa2b5589edfb0f6ec69a41c0366c63deb908fb45d80c1edca828d66ba8e4178d222b9f761bc7ae5948df03d33f861400674b59cc0e6b78b33be

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads