acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 13:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
Size

96KB
MD5

375fd6e2c9c1a89e402ff1548601edb0
SHA1

fccf538e3d8e754dad3c84b6e9aae9fd78a2209e
SHA256

acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60
SHA512

efcef26684c5bf9d1234b1220e71dd723b152ecceb5c89815716793b3f2a76d9c3a8b328606d708d2cae22ee8094b08a77c09aee2d9e0b8b6a486814f568126f
SSDEEP

3072:9QWpze+eO888888888888888888888888888888888888888888888888888888v:Lpe+ekeq19

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3454) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Data.Services.Design.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\es-ES\WinMail.exe.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\jhall-2.0_05.jar.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Eirunepe.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.Services.Client.resources.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\ja-JP\MSTTSLoc.dll.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationUp_SelectionSubpicture.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jfr\profile.jfc.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\images\cursors\invalid32x32.gif.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\currency.html.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\nb.pak.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\EET.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\icons\flight_recorder.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\perfcore.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench_1.2.1.v20140901-1244.jar.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaremr.dll.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\wab32.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Solitaire\SolitaireMCE.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\THANKS.txt.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\WMPMediaSharing.dll.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\wmpconfig.exe.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\rings-desk.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pl.txt.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\redmenu.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-profiler.xml.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_h.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libwinhibit_plugin.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\en-US\bckgRes.dll.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\appletrailers.luac.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\liboggspots_plugin.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\DMR_48.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\diner_dot.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\delete_down.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msadomd28.tlb.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.nl_zh_4.4.0.v20140623020002.jar.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jfxwebkit.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\FlickLearningWizard.exe.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\header-background.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\fr-FR\js\localizedStrings.js.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Bogota.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+5.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\VISSHE.DLL.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_bottom.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqlxmlx.rll.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\uk.pak.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile.html.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libh26x_plugin.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_rtp_plugin.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\de-DE\MSPVWCTL.DLL.mui.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\rtscom.dll.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.services_1.1.0.v20140328-1925.jar.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmid.exe.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\PST8.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\bookbig.gif.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Guyana.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\kn.pak.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7.tmp	acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\acb5085fcd03f6a3b9dcdba3a668de2071e177fe1ff85dfec004848d1d93ce60_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp

Filesize
97KB

MD5
905f267cbf8f9fa1b8199780ec82c2fe

SHA1
e2f3fb99ad86c4dc85670a71a6622674eb4032d8

SHA256
5f6d74054ed1c20789c5ebd3be0863a1c53def012b7f4c8f36201ce4a4444c62

SHA512
c90974eb838e86b606ac21093707ba9325efb84071a80f4730ea65a12179046b46d24c21044eaf53cdde59a294118aaa1a863e228022edd83f3c442f610319c9

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
105KB

MD5
084ae041956cc11326379ae830443415

SHA1
9a42683057d78739a32b10b51d53a3d035c39cbb

SHA256
4ec92399c1cadc17813c70c5f51e0cc7491ef60cd78db68bbe35a00f14773ac2

SHA512
cef4361f2d35f567b7366796aa73f9603b939ddb6ac111049962c3a0a572bee138caba9dbca41c430549317cd0601b145171278b3d62e4de4ba0cfb00c3f076e

Download Submit
memory/2740-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/2740-522-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads