b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa

Analysis

max time kernel
20s
max time network
153s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 16:45

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
Size

1.9MB
MD5

6037bdbcaa27525d0e9e0da0de82a020
SHA1

ec8c588de72586b324ff237616dc2d8ff41f60ba
SHA256

b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa
SHA512

640de415af0e95ab422988c3ac65e4469f969abfcc4de327488edb858a0abcaadaf65ca1d100428e6e88ac830aba1c2326ad15df6c233ab3111b831e8619b047
SSDEEP

49152:hW1WGsjWSdyovgFMSUMZ1CaWsFrTXgucjBXwMp44:U1WGsj8ovgFMSUMZ1ywn/cNAMp44

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\B:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\L:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\N:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\R:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\S:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\V:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\X:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\H:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\J:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\M:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\O:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\W:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\A:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\I:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\K:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\U:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\E:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\G:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\P:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\T:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\asian beastiality licking glans .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\russian lesbian catfight boobs (Kathrin).mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\asian handjob [free] .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\norwegian gay public pregnant .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\spanish hardcore fetish girls penetration (Anniston,Sandy).rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\german handjob catfight Ôë .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\russian sperm hardcore big nipples .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\asian lesbian trambling public YEâPSè& .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\cum animal catfight Ôë .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\black gay [milf] .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\malaysia handjob trambling [bangbus] beautyfull .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\indian xxx animal masturbation sweet .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\action gang bang uncut vagina high heels .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\german porn sleeping mature .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\spanish horse hidden vagina .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\beastiality horse full movie nipples bondage (Samantha,Sonja).rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\norwegian xxx girls mistress .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\indian lingerie lesbian (Samantha,Liz).avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\lingerie sperm [free] castration .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\black gay gang bang full movie .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\kicking licking glans (Melissa).rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\african fucking several models feet traffic .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\black handjob animal uncut ash .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\american beastiality several models .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\malaysia fetish sleeping (Christine).mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

description	ioc	Process
File created	C:\Windows\winsxs\x86_microsoft-windows-m..-temptable-provider_31bf3856ad364e35_6.1.7600.16385_none_1dd3ce8d1e7524cd\american lesbian kicking [free] .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_6.1.7601.17514_none_34400a5790d1d336\fetish cum sleeping fishy (Melissa).zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\beastiality cumshot girls hole blondie .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\security\templates\norwegian xxx full movie shoes .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_it-it_8d9f242de8497d58\fetish lesbian uncut swallow .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-aspnet_installsqlstatetemp_b03f5f7f11d50a3a_6.1.7600.16385_none_16a2bb1dbab1c595\black animal beastiality [milf] mature .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\chinese beast kicking catfight penetration .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_2fc4a33adb648f33\british hardcore gang bang big ash .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_3c93ac15fd731acf\lingerie voyeur hairy .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sx-shared_31bf3856ad364e35_6.1.7600.16385_none_387a16fe7addf3b6\chinese fucking trambling [bangbus] hole (Samantha,Sonja).mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\swedish gang bang lesbian hole .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_1412267f4b3bb985\spanish cum gang bang uncut castration .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft.grouppolicy.admtmpleditor_31bf3856ad364e35_6.1.7601.17514_none_dd18b2a07d49aa11\horse xxx hot (!) gorgeoushorny .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\black kicking hot (!) .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedfolders-adm_31bf3856ad364e35_6.1.7600.16385_none_af6f98ff87b0e3cc\nude hot (!) .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_0993a1b8823a4e79\asian lingerie voyeur cock hotel .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\blowjob beastiality hidden .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_f0ca3430257ea13f\chinese cumshot big stockings .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-vsssystemprovider_31bf3856ad364e35_6.1.7600.16385_none_a727eb798dcfb185\canadian horse hidden (Samantha,Sonja).mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_es-es_0ac4ebfc358e5ec0\norwegian blowjob [milf] ìï .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e30b5ec05031d17d\porn hidden .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedfoldersui_31bf3856ad364e35_6.1.7600.16385_none_b7f38afb92de484f\black horse hidden nipples hairy .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\bukkake voyeur (Christine).zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\lingerie uncut .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_registry_whidbey_31bf3856ad364e35_6.1.7600.16385_none_c26c5b8280c6af34\cum licking hairy .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_4d274741486b900c\danish nude handjob big feet (Gina,Sandy).zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\beast voyeur ejaculation .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_a3772de7111797da\spanish lesbian sleeping .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_39c9d74ef2ad6c7b\horse public glans stockings .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\hardcore masturbation hotel .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\canadian action girls .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_095efe9c8261401e\black xxx [free] nipples .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\brasilian horse [bangbus] ash girly (Sylvia,Karin).mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\british blowjob several models (Samantha).rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ad7c61fb28607522\chinese kicking girls glans .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_963e6ae24c653bfe\indian nude catfight .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\italian lingerie hot (!) boots (Ashley).avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b4aea777fe683838\animal beastiality public legs balls .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_2e7f079c3208e549\beast sperm full movie hairy (Samantha).mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-p2p-pnrp-adm.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_bacc7ceffc55dca2\norwegian lingerie big .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\InstallTemp\xxx several models sweet (Melissa).mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\Temp\action beast licking (Ashley,Liz).avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_ac16749b75335680\spanish gang bang fetish sleeping .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_en-us_aedaf3947d09fbe5\trambling sleeping .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_99b74194b7347cab\handjob lingerie public .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-systempropertiesremote_31bf3856ad364e35_6.1.7600.16385_none_94ab98ac6d213009\swedish hardcore sperm lesbian nipples .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_it-it_97a45841ff925aa0\canadian lesbian girls boobs .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_de-de_05ea1d9b8e2bf020\asian fucking fucking [bangbus] titts .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-sharedaccess.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_ddab3bcb3a4ffb45\danish horse several models 40+ .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\german bukkake gang bang uncut latex .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-nfs-shared.resources_31bf3856ad364e35_6.1.7600.16385_en-us_00f45b041e1e8fd3\cumshot cum big femdom .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_cd2006602e5ee22e\tyrkish fetish action full movie blondie .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorlib_b03f5f7f11d50a3a_6.1.7600.16385_none_2958d4a31d2ec64f\bukkake [milf] titts (Samantha,Ashley).zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_bcc167434bb9b3ea\sperm beast public .avi.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_f25d066604c2ad34\german kicking bukkake several models mature (Karin).mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_8c6fc5a7aa8c435d\russian action big ash .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_netfx-shared_netfx_20_perfcounter_31bf3856ad364e35_6.1.7600.16385_none_a945e2c500c90142\lingerie bukkake hot (!) boots .rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_netfx-shared_netfx_20_mscorwks_31bf3856ad364e35_6.1.7600.16385_none_7f84cd98a7a56fd8\xxx gay girls wifey .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_6.1.7600.16385_none_8419660d1cc97b24\spanish nude big lady .mpg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\american trambling lesbian beautyfull (Karin,Sylvia).rar.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\x86_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_965db382b6fef5cb\action bukkake public swallow .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\kicking sleeping boobs blondie .zip.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_f27c4f066f5c6701\brasilian kicking uncut swallow .mpeg.exe	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2080	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2220	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2004	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2164	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2596	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2080	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
892	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2856	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2220	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1580	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2976	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2972	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1684	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2004	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1820	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2164	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1808	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2056	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2080	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1900	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2916	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2900	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
892	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2856	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2596	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2220	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1052	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1480	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1480	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1304	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1304	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
576	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
576	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
704	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
704	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1768	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1768	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
408	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
408	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1580	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
1580	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2444 wrote to memory of 2740	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	28
PID 2444 wrote to memory of 2740	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	28
PID 2444 wrote to memory of 2740	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	28
PID 2444 wrote to memory of 2740	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	28
PID 2740 wrote to memory of 1636	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	29
PID 2740 wrote to memory of 1636	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	29
PID 2740 wrote to memory of 1636	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	29
PID 2740 wrote to memory of 1636	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	29
PID 2444 wrote to memory of 3012	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	30
PID 2444 wrote to memory of 3012	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	30
PID 2444 wrote to memory of 3012	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	30
PID 2444 wrote to memory of 3012	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	30
PID 1636 wrote to memory of 2080	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	31
PID 1636 wrote to memory of 2080	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	31
PID 1636 wrote to memory of 2080	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	31
PID 1636 wrote to memory of 2080	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	31
PID 2740 wrote to memory of 2092	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	32
PID 2740 wrote to memory of 2092	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	32
PID 2740 wrote to memory of 2092	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	32
PID 2740 wrote to memory of 2092	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	32
PID 3012 wrote to memory of 2220	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	33
PID 3012 wrote to memory of 2220	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	33
PID 3012 wrote to memory of 2220	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	33
PID 3012 wrote to memory of 2220	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	33
PID 2444 wrote to memory of 2004	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	34
PID 2444 wrote to memory of 2004	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	34
PID 2444 wrote to memory of 2004	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	34
PID 2444 wrote to memory of 2004	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	34
PID 2080 wrote to memory of 2164	2080	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	35
PID 2080 wrote to memory of 2164	2080	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	35
PID 2080 wrote to memory of 2164	2080	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	35
PID 2080 wrote to memory of 2164	2080	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	35
PID 2092 wrote to memory of 892	2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	36
PID 2092 wrote to memory of 892	2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	36
PID 2092 wrote to memory of 892	2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	36
PID 2092 wrote to memory of 892	2092	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	36
PID 2220 wrote to memory of 2596	2220	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	37
PID 2220 wrote to memory of 2596	2220	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	37
PID 2220 wrote to memory of 2596	2220	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	37
PID 2220 wrote to memory of 2596	2220	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	37
PID 1636 wrote to memory of 2856	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	38
PID 1636 wrote to memory of 2856	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	38
PID 1636 wrote to memory of 2856	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	38
PID 1636 wrote to memory of 2856	1636	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	38
PID 2740 wrote to memory of 2972	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	40
PID 2740 wrote to memory of 2972	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	40
PID 2740 wrote to memory of 2972	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	40
PID 2740 wrote to memory of 2972	2740	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	40
PID 3012 wrote to memory of 1580	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	41
PID 3012 wrote to memory of 1580	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	41
PID 3012 wrote to memory of 1580	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	41
PID 3012 wrote to memory of 1580	3012	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	41
PID 2004 wrote to memory of 2976	2004	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	39
PID 2004 wrote to memory of 2976	2004	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	39
PID 2004 wrote to memory of 2976	2004	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	39
PID 2004 wrote to memory of 2976	2004	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	39
PID 2444 wrote to memory of 1684	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	42
PID 2444 wrote to memory of 1684	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	42
PID 2444 wrote to memory of 1684	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	42
PID 2444 wrote to memory of 1684	2444	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	42
PID 2164 wrote to memory of 1820	2164	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	43
PID 2164 wrote to memory of 1820	2164	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	43
PID 2164 wrote to memory of 1820	2164	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	43
PID 2164 wrote to memory of 1820	2164	b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2444
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2740
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:1636
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2080
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        Suspicious use of WriteProcessMemory
        
        PID:2164
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1820
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:1328
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:3324
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:5564
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        10⤵
        
        PID:11644
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        10⤵
        
        PID:8548
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:8728
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        10⤵
        
        PID:23236
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:20492
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:4804
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:8804
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:16532
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:6984
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:15048
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:11540
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23888
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:3360
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:5616
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:12064
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:23028
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:8436
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:23824
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:13204
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:7132
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:4912
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:8644
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:13308
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23092
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7176
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:21428
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:10176
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:13240
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:900
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:3368
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:5632
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:11636
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:24288
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9120
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:2284
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:4920
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9112
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:12812
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:4756
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:20524
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7144
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:15128
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9832
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23068
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22016
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5684
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:11752
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22440
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8420
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22312
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:13188
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7912
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:4928
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8552
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:13292
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23580
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7160
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:15120
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9988
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23076
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21808
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1808
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:568
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:3428
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:5660
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:11652
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:24100
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:8636
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:21444
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:13352
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9272
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:4992
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:8680
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:22008
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:19524
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:6664
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23524
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9640
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:6532
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22256
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3468
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5768
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12080
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23020
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9096
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22376
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:16424
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5012
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9544
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22208
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7240
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:15104
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9816
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22152
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:2936
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3492
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5824
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12292
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23396
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9136
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:15072
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:20500
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5028
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8568
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22072
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:19664
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7232
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21936
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9800
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23140
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22488
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3504
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5848
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:10152
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23164
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:15144
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9200
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:16440
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5020
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8652
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22080
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:13300
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23116
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7200
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:15088
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:10132
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:15080
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2856
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2900
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:2712
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:3964
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:6764
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:15152
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:11484
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23848
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5520
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:11476
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:23108
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22408
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8744
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9936
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:308
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3996
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:6776
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12632
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:6996
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11508
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23196
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23548
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5512
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11760
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23960
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8736
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23808
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:19220
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:1048
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3728
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:6168
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:13064
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:5864
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9656
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22176
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5240
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11460
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23228
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23880
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7920
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22000
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:13040
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7324
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3852
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6540
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:12496
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22336
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:10556
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5656
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5352
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11736
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23636
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8024
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21460
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11596
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22400
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1304
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:2532
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:4288
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7636
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:6028
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11964
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23644
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6152
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:12756
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23540
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9696
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22216
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4348
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8096
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22024
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11572
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23268
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6264
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:13072
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:24296
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9888
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:18940
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:1604
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3984
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6728
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21944
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11316
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21492
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5528
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11776
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23920
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8452
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13232
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6176
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4004
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6756
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12780
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3408
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11364
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23156
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5536
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:12072
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23468
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8764
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:20516
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2092
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:892
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1900
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:292
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:3588
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:5880
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:10160
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:19640
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9128
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:16432
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5084
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9688
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:23292
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:21412
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7468
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11828
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5624
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3632
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:6020
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12480
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23188
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8048
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11564
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22424
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5160
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:10516
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23444
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21452
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7792
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22360
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12348
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23492
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:2168
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3752
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:6160
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12264
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23308
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9648
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22144
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22160
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5184
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9528
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22040
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22184
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7500
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11932
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23652
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3844
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6512
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:14976
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11388
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22472
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5344
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11284
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:4596
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8032
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11580
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23404
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1052
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:1760
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:4092
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7000
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12788
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23332
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11356
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21992
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5724
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11532
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23968
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8612
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23776
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:13320
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23100
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4080
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7020
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:15024
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11452
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23904
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5648
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11372
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22112
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8620
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22504
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13392
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:1964
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4200
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7520
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22392
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11940
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23840
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6064
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12300
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23252
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8460
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22296
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13004
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8432
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4140
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7248
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21928
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9848
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22096
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:19672
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5972
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11524
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23124
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22448
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:9284
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22064
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:12356
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23432
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2972
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2372
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3172
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5096
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9552
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22248
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21920
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7476
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21976
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11820
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23620
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4544
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8716
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:20548
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6636
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:15000
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11412
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21960
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23896
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2520
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4764
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8816
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22128
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:16408
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6912
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12896
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22496
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11768
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23944
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4388
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8076
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13368
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9724
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6440
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:14992
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11332
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:21468
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1480
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2784
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4100
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7036
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:12648
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7512
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11556
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6048
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5780
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11744
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23612
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23864
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9104
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6188
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:20484
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4116
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6660
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:15112
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9784
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22136
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22056
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5940
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11468
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22480
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:9704
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23044
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:22168
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:1372
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4172
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7768
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:12384
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23500
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5988
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:12324
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23380
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8040
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22368
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11612
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23356
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:4132
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:7364
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:15064
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11812
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23012
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:5980
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11428
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5820
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:9276
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5844
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:12332
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:23460
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:3012
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2220
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2596
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2056
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:984
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:3552
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:5856
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:12308
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:23364
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9144
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        9⤵
        
        PID:15056
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:20508
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5060
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:9296
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12236
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23872
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7528
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11924
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22344
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3684
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:4908
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12468
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:24272
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9824
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23784
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21484
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5168
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9564
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23204
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22240
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7492
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:5052
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11956
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23928
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3048
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3660
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:6052
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12436
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:24240
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8500
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:13272
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9776
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5176
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:11420
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23220
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7536
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22512
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11916
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23036
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3828
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6384
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:13080
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:24560
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9896
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23276
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:16456
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5328
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11396
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22416
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8484
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13156
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5668
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2916
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:1924
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:3624
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:6000
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12564
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:6008
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8444
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:12996
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:23300
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:13264
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5152
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:9928
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22272
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:19648
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7832
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12228
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23984
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3740
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5812
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:12516
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22872
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9792
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21984
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5200
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11444
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23084
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23412
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7784
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13212
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23180
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2172
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3864
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6592
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:15136
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11404
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23476
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5376
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11380
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22352
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8628
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:24264
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13376
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9324
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:3836
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6488
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:19212
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11492
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23556
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23856
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5336
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11516
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23832
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8476
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22088
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:13256
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:14896
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1580
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:576
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:2812
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:4692
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:8512
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22320
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:13048
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23596
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6904
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:12556
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:24280
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11804
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23936
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4372
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8064
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22280
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:13384
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6272
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12868
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:6380
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9880
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:4688
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:16524
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2636
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4244
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7952
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:13180
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23572
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6192
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12508
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:7696
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9872
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:16416
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4124
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6652
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:15096
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9840
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23976
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:19656
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5964
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9980
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22200
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:9536
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:22264
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1768
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2480
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4956
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:9264
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:22120
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:12340
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23388
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7152
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21952
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9856
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23816
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22192
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4520
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8308
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11436
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23172
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6564
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:14464
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:10548
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23628
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:2724
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4452
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7996
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22304
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13012
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7624
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6416
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13056
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:24256
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11292
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23372
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:4364
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8136
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22232
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11604
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23348
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:6280
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:12860
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23532
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:9904
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:22032
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2004
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2976
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2268
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:3080
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:5000
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:7704
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        8⤵
        
        PID:22384
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:12376
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23484
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:1144
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21420
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11792
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23244
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4536
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8176
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:21968
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:11588
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23340
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6620
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:14984
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11340
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23316
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2580
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4484
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8012
        
        C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        7⤵
        
        PID:23792
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:13224
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23564
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:6472
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:15008
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:11308
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23052
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4396
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7896
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22104
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13092
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23588
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6424
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:12796
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22432
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:9864
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5092
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5776
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:408
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:2360
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:4944
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:8668
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:19228
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7136
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21816
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9808
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22520
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4528
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8692
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:19692
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6572
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:12804
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22328
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:10540
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23260
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6752
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:2576
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4464
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7984
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21840
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13360
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9524
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6432
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:15040
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11548
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8588
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:4380
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:7904
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23952
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:13148
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23508
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:6448
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:12572
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:24248
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:11300
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:23324
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1684
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:1556
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:3208
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5136
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:10532
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:21436
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:7776
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:22456
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:12364
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23420
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4552
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8468
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:13168
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8060
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6628
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:15032
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11348
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23212
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:696
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:4712
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9088
      - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        6⤵
        
        PID:23516
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:19684
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:6896
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:12688
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:23604
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11784
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23060
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:4436
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:7972
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:16448
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:12940
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:24092
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:6408
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:15016
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:10564
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:22464
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:704
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:2436
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:5044
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:9712
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:22048
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:7484
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:24232
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:11948
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23912
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:4512
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8704
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:8004
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:20540
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:6520
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:13196
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8608
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:11324
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:21476
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  PID:2756
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:4616
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:8788
    - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
        5⤵
        
        PID:5040
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:20532
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:6792
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:12460
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:23800
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:11500
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:23452
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  PID:4356
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:8492
  - - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
      4⤵
      PID:22288
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:12948
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:22964
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  PID:6320
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:12660
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:7968
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  PID:10168
- - C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
    3⤵
    PID:4964
- C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b3a9b6af74d96c22918b3e14bb937a1e29a9c16e2e5d77b4aa6fdfd067ae4daa_NeikiAnalytics.exe"
  2⤵
  PID:22224

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\african fucking several models feet traffic .mpg.exe

Filesize
1.5MB

MD5
a5ce81669797d61153843a7ffa5b96d2

SHA1
175c806706bc2264065d48a82d2750bbe0a6c5c0

SHA256
62180c0b5a2d674d18e71fa2f152be044248703c8b0177c1e037c180060b26f9

SHA512
94c934d4b812c639a4df85aa950589825a7d8110d229b06a4d18fb7ec5c302c6e6b130856de13e8e08fa6ba48b7367d1ecbbd145fa2e339255c2687f6fa6af19

Download Submit
C:\debug.txt

Filesize
183B

MD5
f4cddab7339fe8ce4c27f534799bd439

SHA1
8881a8f2c79e7be877901239400362f42b4fb6f7

SHA256
a9c1bc2c20684364e3d589db76b419808339688b01994532ebf7636d527bbd78

SHA512
8c67bcc3dbe51b2b3f70006d60bc917d792bae14a175f764bbe12630829d3ac699245c6c73a2b56a238ae048445560e7a4f7bc352fb59785e67d425edd6cb0e0

Download Submit
memory/2444-96-0x0000000075170000-0x0000000075173000-memory.dmp

Filesize
12KB

Download