ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34

Analysis

max time kernel
13s
max time network
53s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
29-06-2024 13:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Size

1.4MB
MD5

767d7bd9be09dea4533b55c2ca564200
SHA1

4519e35d8b67439347be06ac86d568363c1727e4
SHA256

ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34
SHA512

84473e3f39e4bb78d2f3268b707dcb1cbd03a3c7d66064c7f52c78f9b9281190b003c390d087543cab066525cbac0abf4435f05fc42171043f4edf8c0ea1f97a
SSDEEP

24576:2wCjAz2JLbE6UH0swuQRd/6cRHXUDoQDZi7GZl+7XQWxw9FHKKKbzvU:hzK1oH0FecdUDfi78XFqKyvU

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Checks computer location settings 2 TTPs 16 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\H:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\O:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\P:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\W:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\R:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\V:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\A:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\E:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\G:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\I:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\K:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\N:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\X:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\B:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\J:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\L:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\T:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\U:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\M:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\S:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe

Drops file in System32 directory 12 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\hardcore big glans balls .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\trambling [free] young .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\american fetish lesbian [milf] penetration (Gina,Janette).avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\SHARED\danish nude horse big fishy .zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\japanese cum hardcore masturbation hole .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\SHARED\blowjob several models glans 40+ .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\bukkake [milf] (Curtney).rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\norwegian fucking hot (!) hole shoes .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\russian porn lingerie voyeur glans .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\russian beastiality lesbian uncut (Tatjana).mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\horse uncut hotel (Sonja,Jade).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\trambling hot (!) feet .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe

Drops file in Program Files directory 18 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft\Temp\italian gang bang lesbian hidden cock young (Sylvia).zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\indian handjob hardcore girls bondage .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\trambling licking (Liz).rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Updates\Download\blowjob lesbian .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\american beastiality trambling hot (!) feet wifey .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\bukkake full movie (Janette).zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\hardcore [free] (Sylvia).avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\swedish nude trambling sleeping (Samantha).avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\russian action blowjob licking (Sarah).zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\danish nude trambling girls leather .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\trambling girls boots .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\dotnet\shared\blowjob licking feet granny .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\trambling public .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\japanese action blowjob full movie feet .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\japanese nude fucking several models cock .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\microsoft shared\sperm full movie (Sarah).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\Templates\sperm hot (!) (Jade).zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\tyrkish horse lesbian big .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.746_none_2212358fc33cc10f\japanese animal fucking [milf] .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_b1ffa0e7b4ed03e2\spanish sperm full movie .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.844_none_67b5915b5651dd8a\american kicking xxx hidden shoes .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..s-ime-eashared-ihds_31bf3856ad364e35_10.0.19041.1_none_e8996b7d3512363f\british blowjob catfight hole .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\xxx girls sm .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SystemResources\Windows.UI.ShellCommon\SharePickerUI\japanese cum bukkake [milf] .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\malaysia lingerie sleeping beautyfull .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1288_none_ca3007304990b2ea\hardcore [bangbus] leather .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.1_none_f42978969c79336a\german beast [free] glans leather .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.1_none_c6da8048542fddc7\beastiality lesbian [free] feet .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_5b152a8d329397ec\african bukkake [milf] (Tatjana).mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.1_none_5d54c0aac5c3c12c\canadian lingerie big (Samantha).mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\japanese cum fucking licking (Tatjana).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..se-shared-datafiles_31bf3856ad364e35_10.0.19041.1_none_2f5f00d280dce9f6\indian handjob fucking [bangbus] sm .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_ee7ea14f7d8a3ee3\german bukkake big feet gorgeoushorny .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\japanese handjob blowjob voyeur hole ¼ë (Sylvia).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_it-it_bdb6c49fcea35732\african gay [free] wifey .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\kicking xxx voyeur mature (Gina,Karin).rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_10.0.19041.1_it-it_72a319bf8ee74a9b\italian nude xxx [free] cock leather (Sarah).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_10.0.19041.1_none_4c786ae2f508e6d5\japanese horse hardcore licking hole girly (Sylvia).avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_62312bfbb33d478a\african beast catfight .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.964_none_1c1a193f5bfcf136\french blowjob catfight 50+ (Sonja,Tatjana).rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\black kicking hardcore uncut balls .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\templates\american animal horse public (Jade).mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\tyrkish porn lingerie masturbation titts shoes (Melissa).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.1_none_a7ad1894592cfa12\porn lingerie hot (!) cock hairy (Melissa).mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm_31bf3856ad364e35_10.0.19041.1_none_ae957c4c35a7bf73\norwegian lesbian lesbian leather .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\CbsTemp\russian gang bang beast girls blondie .zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\indian nude hardcore sleeping .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\italian kicking horse voyeur circumcision .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.1_none_a80cea873b2a6772\nude gay lesbian (Melissa).rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\italian cum xxx masturbation .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\bukkake sleeping beautyfull .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.572_none_cf90e12518baac85\nude xxx hidden .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\InputMethod\SHARED\blowjob [bangbus] shower .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\japanese beastiality blowjob public black hairunshaved .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1151_none_fbdc4c5f677dc2ec\italian horse xxx lesbian cock boots .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-mccs-engineshared_31bf3856ad364e35_10.0.19041.1_none_abfc9db6c377b91f\swedish kicking bukkake several models wifey .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\gay sleeping (Tatjana).mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\porn fucking lesbian ash .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\chinese sperm uncut titts .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_887b2378b7b5651d\tyrkish cum gay masturbation femdom .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\security\templates\danish beastiality beast sleeping cock balls .zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\asian xxx [milf] blondie .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\lesbian sleeping feet penetration .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\french bukkake licking .zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_10.0.19041.1_de-de_3d077a9cd5de5151\xxx catfight Ôï (Sonja,Janette).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\italian handjob lesbian public cock (Britney,Janette).rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\cumshot beast big bedroom .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\malaysia horse public redhair (Ashley,Janette).mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.153_none_e23c926e32d07dc1\japanese animal lesbian hot (!) glans .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_10.0.19041.1_es-es_e5c3ad79c4e34ebb\cumshot fucking licking bedroom .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\hardcore full movie fishy (Sonja,Curtney).zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.1_none_f3b35d713ce0fc7f\nude blowjob masturbation titts .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.1_none_2fe79eae2833b9b1\horse voyeur .avi.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.1_none_fa09f84703cb02c5\british bukkake uncut traffic .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_5abbd3c4a3f2014c\gay [free] (Samantha).zip.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.1_none_9aa486d790131d4e\sperm [free] feet redhair (Sarah).mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_it-it_4c5922428a6f2d08\cumshot beast big titts wifey .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_89c0bf1761110f07\asian sperm uncut 40+ .mpg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\japanese beastiality beast public feet (Kathrin,Jade).rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\danish nude bukkake sleeping feet ¼ë .mpeg.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\italian horse lesbian girls .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\indian fetish xxx lesbian .rar.exe	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5008	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5008	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2808	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2808	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
948	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
948	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
404	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
404	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1120	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1120	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1704	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1704	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
4732	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
4732	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3928	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3928	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
872	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
872	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5084	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5084	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5008	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
5008	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2808	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
2808	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3812	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
3812	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 3080 wrote to memory of 5112	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	82
PID 3080 wrote to memory of 5112	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	82
PID 3080 wrote to memory of 5112	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	82
PID 5112 wrote to memory of 3672	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	83
PID 5112 wrote to memory of 3672	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	83
PID 5112 wrote to memory of 3672	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	83
PID 3080 wrote to memory of 2804	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	84
PID 3080 wrote to memory of 2804	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	84
PID 3080 wrote to memory of 2804	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	84
PID 3672 wrote to memory of 1260	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	85
PID 3672 wrote to memory of 1260	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	85
PID 3672 wrote to memory of 1260	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	85
PID 3080 wrote to memory of 2384	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	86
PID 3080 wrote to memory of 2384	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	86
PID 3080 wrote to memory of 2384	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	86
PID 5112 wrote to memory of 2808	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	87
PID 5112 wrote to memory of 2808	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	87
PID 5112 wrote to memory of 2808	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	87
PID 2804 wrote to memory of 5008	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	88
PID 2804 wrote to memory of 5008	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	88
PID 2804 wrote to memory of 5008	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	88
PID 3672 wrote to memory of 948	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	89
PID 3672 wrote to memory of 948	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	89
PID 3672 wrote to memory of 948	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	89
PID 2804 wrote to memory of 404	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	90
PID 2804 wrote to memory of 404	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	90
PID 2804 wrote to memory of 404	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	90
PID 3080 wrote to memory of 1120	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	91
PID 3080 wrote to memory of 1120	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	91
PID 3080 wrote to memory of 1120	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	91
PID 5112 wrote to memory of 1704	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	92
PID 5112 wrote to memory of 1704	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	92
PID 5112 wrote to memory of 1704	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	92
PID 1260 wrote to memory of 4732	1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	93
PID 1260 wrote to memory of 4732	1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	93
PID 1260 wrote to memory of 4732	1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	93
PID 2384 wrote to memory of 3928	2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	94
PID 2384 wrote to memory of 3928	2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	94
PID 2384 wrote to memory of 3928	2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	94
PID 5008 wrote to memory of 872	5008	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	95
PID 5008 wrote to memory of 872	5008	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	95
PID 5008 wrote to memory of 872	5008	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	95
PID 2808 wrote to memory of 5084	2808	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	96
PID 2808 wrote to memory of 5084	2808	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	96
PID 2808 wrote to memory of 5084	2808	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	96
PID 948 wrote to memory of 3812	948	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	97
PID 948 wrote to memory of 3812	948	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	97
PID 948 wrote to memory of 3812	948	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	97
PID 3080 wrote to memory of 4336	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	98
PID 3080 wrote to memory of 4336	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	98
PID 3080 wrote to memory of 4336	3080	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	98
PID 5112 wrote to memory of 3976	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	99
PID 5112 wrote to memory of 3976	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	99
PID 5112 wrote to memory of 3976	5112	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	99
PID 3672 wrote to memory of 3992	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	100
PID 3672 wrote to memory of 3992	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	100
PID 3672 wrote to memory of 3992	3672	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	100
PID 2804 wrote to memory of 2844	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	101
PID 2804 wrote to memory of 2844	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	101
PID 2804 wrote to memory of 2844	2804	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	101
PID 1260 wrote to memory of 976	1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	102
PID 1260 wrote to memory of 976	1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	102
PID 1260 wrote to memory of 976	1260	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	102
PID 2384 wrote to memory of 2864	2384	ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe	103

C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3080
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  - Checks computer location settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:5112
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    - Checks computer location settings
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:3672
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      Checks computer location settings
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:1260
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        Checks computer location settings
        Suspicious behavior: EnumeratesProcesses
        
        PID:4732
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:2908
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:5644
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:9556
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:11300
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:15160
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:14208
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:6752
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:15764
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:22676
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:9532
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:11168
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15400
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:21628
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:2888
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:8820
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:14496
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:7196
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:11192
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15088
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:13128
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:5956
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:11900
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:17916
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:7784
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15788
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:22608
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11480
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15804
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22856
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:976
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:5652
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:11876
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:17516
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:6856
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15740
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:22952
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9800
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11152
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15408
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:21976
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:3792
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9184
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:13708
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:6012
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11112
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15564
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:23892
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5940
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11908
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:18036
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:7992
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15544
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11076
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11748
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16028
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:23080
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      Checks computer location settings
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:948
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:3812
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:5548
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:11724
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15932
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:22912
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:6720
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:18164
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9212
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:14148
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:4800
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11276
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:16044
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:23160
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:2792
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9540
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11176
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15852
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22936
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5900
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11836
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:16052
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22968
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:7660
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15192
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:21792
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11512
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15844
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22864
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:3992
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5660
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11544
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15972
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22808
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:6788
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14236
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:6312
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:9564
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11248
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15532
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:20404
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:4516
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8848
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14604
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:7904
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11284
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15136
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15680
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5908
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11576
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15908
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22792
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:7688
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14708
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:7896
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11756
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15892
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:22616
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    - Checks computer location settings
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2808
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      Checks computer location settings
      Suspicious behavior: EnumeratesProcesses
      PID:5084
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:2388
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:5312
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:8332
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:14692
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:7944
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:11732
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15868
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:22768
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:4376
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:14260
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:6128
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:8112
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:19312
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11400
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15996
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22872
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:2232
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:7516
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:16124
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:22984
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11504
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15796
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22668
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:6004
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15748
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:23064
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8140
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14424
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:2356
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11408
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15956
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22880
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:1348
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5732
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9792
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11144
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15064
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14376
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:6696
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15772
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22904
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:9176
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:13700
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:6076
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11232
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15916
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22752
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:1992
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8692
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14228
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:2140
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11256
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15884
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22920
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5972
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11740
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16020
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:23088
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:7820
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14848
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:3580
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11440
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15964
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:22832
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    - Checks computer location settings
    - Suspicious behavior: EnumeratesProcesses
    PID:1704
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:1588
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5448
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9336
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11200
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15112
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:13324
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:3476
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14252
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:6436
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8424
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14880
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:8476
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11392
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15720
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22976
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:3436
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8836
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14480
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:20360
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11308
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16132
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:23128
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5988
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11884
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:18124
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:7800
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:17500
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11416
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15860
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:22684
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:3976
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5456
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:9192
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14220
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:3324
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11292
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16108
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:23120
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:3584
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16076
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:23096
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:8340
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14888
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:12308
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11096
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:14812
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:8452
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:2088
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:9272
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:19512
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11184
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15080
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11092
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:5884
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11568
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15940
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:22928
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:7636
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:16100
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:22960
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:11496
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:15820
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:22744
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  - Checks computer location settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2804
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    - Checks computer location settings
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:5008
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      Checks computer location settings
      Suspicious behavior: EnumeratesProcesses
      PID:872
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:2832
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:5440
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:8700
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:14380
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        8⤵
        
        PID:6440
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:8048
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15128
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:1684
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:6304
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:15756
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:23144
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:8516
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:14700
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:7900
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11128
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15372
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:21952
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:3816
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:8556
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:14452
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:6768
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11356
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:17508
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5932
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11520
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:16036
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22944
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:7652
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:17524
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11424
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15836
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22848
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:2816
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5708
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9280
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11208
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15424
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:4548
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:6812
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15204
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:21944
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:9548
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:20364
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11332
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15144
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:12900
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:1856
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8912
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14656
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:7888
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:10252
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15168
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14172
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5948
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15780
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22776
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:7680
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14856
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8436
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11448
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15440
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5560
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    - Checks computer location settings
    - Suspicious behavior: EnumeratesProcesses
    PID:404
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:2560
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5400
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:8416
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:14684
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:7892
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11384
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15380
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:21960
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5876
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:11528
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15924
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22736
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:7644
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:16084
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:23104
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11472
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15828
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22696
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:1528
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8676
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14940
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:12988
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11324
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15988
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22840
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5964
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14512
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:6944
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:7808
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:19304
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11368
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15224
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:21784
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:2844
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5680
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:10184
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11136
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15416
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:21968
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:6728
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15432
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5596
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:9240
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14368
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:6328
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11216
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15392
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:19888
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:748
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:8668
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14488
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:7048
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5036
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:16068
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:23152
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:5892
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:14872
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11924
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:7616
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:16432
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:23072
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:11488
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:15900
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:22784
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  - Checks computer location settings
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2384
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    - Checks computer location settings
    - Suspicious behavior: EnumeratesProcesses
    PID:3928
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:2848
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:5464
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:8772
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:14520
        
        C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        7⤵
        
        PID:4832
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:9720
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:15876
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:22816
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:6376
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:18228
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8596
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14132
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:6096
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11348
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16340
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:22992
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:3840
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8904
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:14612
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:7968
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11268
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15176
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:20796
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5980
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11892
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:17928
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:7792
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14444
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:7024
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11432
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15812
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:22800
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:2864
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5672
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:9344
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11316
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15152
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8352
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:6848
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:15096
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:13172
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:9808
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11160
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15212
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:16744
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:2132
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:8724
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14864
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:8380
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:8604
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15120
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:16304
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:5924
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:13692
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:3528
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:7672
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:14548
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:7004
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:11456
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:15980
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:22888
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  - Checks computer location settings
  - Suspicious behavior: EnumeratesProcesses
  PID:1120
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:2000
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:5484
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:9200
      - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        6⤵
        
        PID:2696
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:11240
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16060
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:23112
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:6264
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:16092
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:23168
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:8496
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14504
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:1060
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11376
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:16012
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:22760
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:3560
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:8324
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:14244
    - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
        5⤵
        
        PID:1172
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11340
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:15184
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:12132
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:5996
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:14140
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:6124
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:8196
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:14268
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:6520
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:11104
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:15072
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:13308
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  PID:4336
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:5740
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:11820
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:17492
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:23908
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:6712
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:16116
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:23136
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:9168
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:21292
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:11224
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:15056
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:2524
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  PID:4520
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:8828
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:14528
  - - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
      4⤵
      PID:6968
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:11120
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:15104
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:13100
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  PID:5916
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:11716
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:16004
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:22896
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  PID:7628
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:14788
- - C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
    3⤵
    PID:7948
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  PID:11464
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  PID:15948
- C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\ac94b2418b1bc2ef892b4c42a264e1a1774cf04abfbd1eadf1b7e05d8620ec34_NeikiAnalytics.exe"
  2⤵
  PID:22824

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\russian action blowjob licking (Sarah).zip.exe

Filesize
2.0MB

MD5
62dde23ec7b553eccf415f949682905e

SHA1
f8900852c6b4d42a3c06542c808edd8d642a30e4

SHA256
3c0c1b8a47bc86530bdb8ff626858238152bcdab5e9fdc94a2664717cb6ef865

SHA512
85c7452f9ad05ad75adb51213c243717e6201c93baadab90cdcdbc3e41394ebfde27d1bde39405b405c10f62b7c65344871fd4525b0554960efd692744a61193

Download Submit