ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10

Analysis

max time kernel
150s
max time network
120s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 12:25

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
Size

98KB
MD5

417c81cd9cdc0317148f17fec2bd9410
SHA1

55e772b176654f63cecfb5695d0fd3a8d6d7d6e6
SHA256

ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10
SHA512

53499beb119ae6f6daec34d7bbeaff8893e92f2cfc0e138fea59b9616df58d97e01948cefc8a4a58ef51c8c4d69bcf860bb74b00d61e783a260627d3d19155cc
SSDEEP

3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBK:PqFF2Ie+effy0

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3139) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-autoupdate-ui.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\Tucuman.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Net.Resources.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ja\LC_MESSAGES\vlc.mo.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-util-lookup_zh_CN.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Nipigon.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\EST5.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InputPersonalization.exe.mui.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\NavigationUp_ButtonGraphic.png.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Bissau.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Abidjan.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\vstoee100.tlb.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkClientCP.bat.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IO.Log.Resources.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\koreus.luac.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libdtv_plugin.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\epl-v10.html.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\mc.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Thimphu.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\FreeCell.exe.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\El_Aaiun.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.theme.nl_ja_4.4.0.v20140623020002.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\trusted.libraries.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InputPersonalization.exe.mui.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msdaremr.dll.mui.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\Timeline.cpu.xml.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Cairo.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Baku.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Pyongyang.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\directshowtap.ax.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-previous-static.png.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightDemiBold.ttf.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jce.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\de-DE\bckgzm.exe.mui.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_srt_plugin.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcs.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\oledb32r.dll.mui.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.dll.sig.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\El_Salvador.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\micaut.dll.mui.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Cordoba.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\java.security.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\AccessibleMarshal.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_output\libafile_plugin.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_ja.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-execution.xml.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Urumqi.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+2.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.rcp.zh_CN_5.5.0.165303\feature.xml.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\HST.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IdentityModel.Resources.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Luna.dll.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Barbados.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring-impl_zh_CN.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_ja.jar.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\VisioCustom.propdesc.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\defaults\pref\autoconfig.js.tmp	ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\ab5505ddce38822fc7059603db4373f07d675c357fc21b9a9b09ddb15eeb6d10_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1904

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2812790648-3157963462-487717889-1000\desktop.ini.tmp

Filesize
98KB

MD5
6e2f5cbf19a36f9f87db16c731231e60

SHA1
f1b316b2e1aee7658e759ee96fb94e088451bb30

SHA256
e99ab94b17ceb0aee550781dab58bb884d94daa45dfc6cf7e8a4d5da63acebcb

SHA512
e1c6ff078c181776b7a6c2d90a31fea2beb1dd7d5f05cb1f81c1728851f2ecb197f37897d10518a621640dc52b802ff883e01cbc7a08a22f0f6a9df6168eff47

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
107KB

MD5
36d8aa4b4d9a01ce066c363e851404d4

SHA1
16ab76a2e81ccf6a15e706a848efe8c702f30a6a

SHA256
07304d7dde319ba1fd9ea0c5209a4ad5401de84694e2afa4a64c6fc960fc40b8

SHA512
6f22feea87478f1469e7f59faa4092a2f797c309e089e3436f672a49701991be36da03ebc74997e77e6b65f84997099725089559dfea1a60c882a55c0c24b5ff

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads