aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 12:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
Size

56KB
MD5

fb85238fd3ac322af3f5b4ee6e1f60f0
SHA1

c2939011bfdc20d5827687c0d2682f5a8ef1020f
SHA256

aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486
SHA512

b2189062f47f1f4d662a92fce323233843b8faa6beba0ededd8ae693e7b48311e0b0d722d8f9254cbf4da12818e93c709f5bb22dcdb84afbc101512395515faa
SSDEEP

768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcFw7:/7ZQpApze+eJfFpsJOfFpsJl

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3729) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\new-trigger-wiz.gif.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-applemenu.xml.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\ja-JP\PurblePlace.exe.mui.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\UIAutomationClient.resources.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\feature.xml.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Shanghai.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Curacao.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\Microsoft.Build.Utilities.v3.5.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\de-DE\MSTTSLoc.dll.mui.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kuala_Lumpur.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\BHOINTL.DLL.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.DataSetExtensions.Resources.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\sq\LC_MESSAGES\vlc.mo.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Pretty_Peacock.jpg.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.contenttype_3.4.200.v20140207-1251.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpuzzle_plugin.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\32.png.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.xml_1.3.4.v201005080400.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\eclipse.inf.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-windows.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\browser\VisualElements\PrivateBrowsing_150.png.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\es\System.Data.Entity.Design.Resources.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Management.Instrumentation.Resources.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Linq.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\es.pak.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jsse.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\picturePuzzle.html.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libyuv_plugin.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\gadget.xml.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.ui_5.5.0.165303.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ca\LC_MESSAGES\vlc.mo.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_ja_4.4.0.v20140623020002.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\liblogger_plugin.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_gather_plugin.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\configuration\org.eclipse.update\platform.xml.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\license.html.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-selector-ui.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\css\flyout.css.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_RGB_PAL.wmv.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\bg.pak.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libddummy_plugin.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\oledb32r.dll.mui.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\perfcore.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Kentucky\Monticello.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861240389.profile.gz.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\send-email-16.png.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_zh_4.4.0.v20140623020002.jar.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Ushuaia.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hy.txt.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsesp.xml.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Speech.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Entity.dll.tmp	aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\aabe095f868e703f6e29f8875329bb5d8cc8667afc75c78d632933edb0728486_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
57KB

MD5
9a2621ab0b0f3e5c5b1c95845cae9409

SHA1
7af2a4cde5b4d4bef1d819610e1cf54445c45bf5

SHA256
e34bf5029370ff9e1c7a38665dc710cb690b4c9f6e86d7fc4704a16c877a454d

SHA512
90819ca94c243b2bec95329ca474d38b3e0a46dffe0d24177e696fb9c4d03d416b00429c0cea735d2b1250c338ab2adc0a6a830e47ece74b75cc333fd6d77915

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
65KB

MD5
52aa4bda44d217b309063cdb2a2e0198

SHA1
c675d5babed680694a93a997b6cb899335e1c254

SHA256
0223fb13a8d57eb1c158929c2d0082467bf1e223ab5a6171c182f142c2ca5add

SHA512
503ad51783d413be1be06de03595fa7b66c8d5f0dd2992e0375391523ce140398bfc6a46ce400fe8c12593fab53ec718bf2f75972992bdddb817069f0170b30e

Download Submit
memory/2960-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2960-652-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads