b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20

Analysis

max time kernel
14s
max time network
128s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
29/06/2024, 17:19

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
Size

1.8MB
MD5

067d5d1049f93fce2f9ebe054981cd70
SHA1

9d7b82e81174af585da7426b1bda4ca5a4f58817
SHA256

b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20
SHA512

66a4066f16c87a2fa70f74cfbdc61031b18e6b4522c29aebde97aee5e520299e9500b0b4b4e3dfb7859f335788cff4403aeabe21dff4aa4adefffa39b9e519fe
SSDEEP

49152:VpxDOJ/VKzALe8NPhHHsMsJ+/UN1VrEcf9iTHinc3Zc:DlI/CzgPdK15rE6YTHinic

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

description	ioc	Process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\A:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\B:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\H:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\L:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\X:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\E:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\I:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\M:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\R:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\W:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\G:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\J:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\N:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\V:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\K:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\O:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\P:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\S:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\T:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File opened (read-only)	\??\U:	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

description	ioc	Process
File created	C:\Windows\SysWOW64\FxsTmp\cum blowjob hidden feet castration .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\fucking [bangbus] leather .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\black cumshot horse catfight shoes (Ashley,Samantha).mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\american animal fucking big traffic .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\russian animal xxx girls girly (Anniston,Curtney).mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\tyrkish kicking blowjob public .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\lingerie masturbation glans bondage .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\hardcore [bangbus] hole castration .rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\indian cum gay full movie (Janette).zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\trambling hidden \× .avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Google\Update\Download\tyrkish action xxx [bangbus] .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\trambling full movie .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\brasilian fetish lesbian uncut feet .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\danish fetish beast several models (Karin).mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\sperm [bangbus] granny .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\tyrkish cumshot gay full movie YEâPSè& (Sandy,Janette).mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\norwegian horse [milf] feet .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\italian animal lesbian girls hole mature (Tatjana).zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\russian horse lingerie several models .avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\swedish animal trambling several models glans mature .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\tyrkish handjob beast licking hole .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\beast public ìï .avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\japanese porn trambling licking cock blondie .rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\indian fetish beast [free] .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\trambling voyeur cock .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe

Drops file in Windows directory 31 IoCs

description	ioc	Process
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp\indian fetish hardcore full movie .rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\security\templates\indian kicking sperm masturbation .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\brasilian action trambling sleeping glans black hairunshaved (Janette).avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\trambling masturbation hairy .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\indian handjob sperm licking (Janette).mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\bukkake catfight shower .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\indian fetish blowjob sleeping titts traffic .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\italian fetish xxx girls (Tatjana).mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\swedish handjob fucking catfight glans .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\beast several models girly .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\Downloaded Program Files\blowjob big circumcision .zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\beastiality beast uncut titts ¤ã (Sylvia).avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\lingerie uncut titts .rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\tyrkish cum lingerie several models (Sylvia).rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\horse uncut wifey .avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\bukkake public young .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\russian animal blowjob uncut hole girly (Sarah).rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\italian kicking blowjob uncut glans lady .avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\bukkake licking glans .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\horse hot (!) feet tÛ (Sarah).rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\tyrkish fetish sperm girls ash .rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\swedish animal blowjob lesbian .rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\indian porn trambling full movie .avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\italian horse sperm [free] .rar.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\temp\indian nude gay masturbation (Liz).avi.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\german beast hot (!) feet pregnant .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\trambling sleeping titts shower (Sylvia).zip.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp\japanese action hardcore catfight (Jade).mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\japanese cumshot horse [milf] high heels .mpeg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\swedish cumshot fucking masturbation lady .mpg.exe	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 56 IoCs

pid	Process
2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2960	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2784	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2804	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2852	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2960	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1588	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1988	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2168	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1628	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1076	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1420	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2784	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1568	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1620	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2804	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2288	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2232	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2236	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2960	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2072	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2240	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2044	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
3024	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
3024	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1876	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
1876	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2052 wrote to memory of 2140	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	28
PID 2052 wrote to memory of 2140	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	28
PID 2052 wrote to memory of 2140	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	28
PID 2052 wrote to memory of 2140	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	28
PID 2140 wrote to memory of 2472	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	29
PID 2140 wrote to memory of 2472	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	29
PID 2140 wrote to memory of 2472	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	29
PID 2140 wrote to memory of 2472	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	29
PID 2052 wrote to memory of 2416	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	30
PID 2052 wrote to memory of 2416	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	30
PID 2052 wrote to memory of 2416	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	30
PID 2052 wrote to memory of 2416	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	30
PID 2140 wrote to memory of 2464	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	32
PID 2140 wrote to memory of 2464	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	32
PID 2140 wrote to memory of 2464	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	32
PID 2140 wrote to memory of 2464	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	32
PID 2472 wrote to memory of 2960	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	31
PID 2472 wrote to memory of 2960	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	31
PID 2472 wrote to memory of 2960	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	31
PID 2472 wrote to memory of 2960	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	31
PID 2416 wrote to memory of 2972	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	33
PID 2416 wrote to memory of 2972	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	33
PID 2416 wrote to memory of 2972	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	33
PID 2416 wrote to memory of 2972	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	33
PID 2052 wrote to memory of 516	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	34
PID 2052 wrote to memory of 516	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	34
PID 2052 wrote to memory of 516	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	34
PID 2052 wrote to memory of 516	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	34
PID 2472 wrote to memory of 2804	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	35
PID 2472 wrote to memory of 2804	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	35
PID 2472 wrote to memory of 2804	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	35
PID 2472 wrote to memory of 2804	2472	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	35
PID 2140 wrote to memory of 2784	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	36
PID 2140 wrote to memory of 2784	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	36
PID 2140 wrote to memory of 2784	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	36
PID 2140 wrote to memory of 2784	2140	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	36
PID 2416 wrote to memory of 2852	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	37
PID 2416 wrote to memory of 2852	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	37
PID 2416 wrote to memory of 2852	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	37
PID 2416 wrote to memory of 2852	2416	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	37
PID 2972 wrote to memory of 1588	2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	38
PID 2972 wrote to memory of 1588	2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	38
PID 2972 wrote to memory of 1588	2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	38
PID 2972 wrote to memory of 1588	2972	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	38
PID 2960 wrote to memory of 1988	2960	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	39
PID 2960 wrote to memory of 1988	2960	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	39
PID 2960 wrote to memory of 1988	2960	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	39
PID 2960 wrote to memory of 1988	2960	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	39
PID 2052 wrote to memory of 1628	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	40
PID 2052 wrote to memory of 1628	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	40
PID 2052 wrote to memory of 1628	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	40
PID 2052 wrote to memory of 1628	2052	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	40
PID 2464 wrote to memory of 1076	2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	42
PID 2464 wrote to memory of 1076	2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	42
PID 2464 wrote to memory of 1076	2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	42
PID 2464 wrote to memory of 1076	2464	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	42
PID 516 wrote to memory of 2168	516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	41
PID 516 wrote to memory of 2168	516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	41
PID 516 wrote to memory of 2168	516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	41
PID 516 wrote to memory of 2168	516	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	41
PID 2784 wrote to memory of 1420	2784	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	43
PID 2784 wrote to memory of 1420	2784	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	43
PID 2784 wrote to memory of 1420	2784	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	43
PID 2784 wrote to memory of 1420	2784	b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe	43

C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2052
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2140
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2472
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      Suspicious use of WriteProcessMemory
      PID:2960
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1988
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:2344
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:3212
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:5828
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        9⤵
        
        PID:10456
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:9880
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:4756
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:10912
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:9768
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:2456
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:5132
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:10820
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:8708
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:3820
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:9248
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:5952
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10392
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:2288
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:868
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:3980
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:1648
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:6208
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10112
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:3396
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:6416
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:5208
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10384
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:1000
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:3896
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:9960
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:5696
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10672
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9324
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3344
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6176
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10120
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4836
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10664
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9968
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2804
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        Suspicious behavior: EnumeratesProcesses
        
        PID:1620
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:1484
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:3576
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:6200
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        9⤵
        
        PID:10520
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:10096
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:5564
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:10244
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10312
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:540
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:5416
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:10216
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10000
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4256
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10828
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6956
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:11236
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3036
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:3640
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:6984
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10616
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:5572
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10788
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3152
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6168
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10448
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10944
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4496
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10064
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9952
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2232
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:1280
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4064
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:9824
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6216
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10440
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10104
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3428
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6480
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10136
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5108
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9616
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9840
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:2388
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4020
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9744
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6684
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:11228
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3356
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6496
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10680
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5156
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:552
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10276
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2464
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1076
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:928
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:3240
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:5704
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:9896
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4624
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10040
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9984
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:2700
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4712
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9920
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3852
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9240
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5748
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9816
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2072
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:2696
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4796
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10224
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3748
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9944
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5944
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:11024
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:2704
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4248
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10048
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6392
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10176
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3500
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6192
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10836
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5620
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10552
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10284
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2784
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1420
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:2408
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:3416
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:6660
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:11000
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:5100
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10724
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9308
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:788
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:5396
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:2556
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4144
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9992
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6360
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10936
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:1916
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3388
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6456
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10472
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5148
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10772
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10208
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:2492
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5240
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10160
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10184
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3868
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9256
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5836
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10072
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:1568
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:2208
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3704
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:7012
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10408
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6020
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10852
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3264
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5756
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10504
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10192
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:4460
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10796
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:9232
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:1804
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3440
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5872
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10536
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10596
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5140
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:8992
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10604
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:2540
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:4736
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10008
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:9316
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:3876
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5880
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10580
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:5772
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10488
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:10328
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2416
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    - Suspicious use of WriteProcessMemory
    PID:2972
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1588
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:2108
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:2268
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:5856
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        8⤵
        
        PID:10696
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10656
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4168
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6280
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10432
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:2652
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4432
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:7020
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10528
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10464
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3624
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9752
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5612
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10088
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:2240
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:2668
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4704
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10024
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9832
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3664
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9792
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5680
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9928
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:2708
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4312
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9728
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3556
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9300
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5232
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10568
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:9336
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2852
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      Suspicious behavior: EnumeratesProcesses
      PID:1876
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:560
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:4964
        
        C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        7⤵
        
        PID:10588
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9856
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4112
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9800
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:7000
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10424
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:11148
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:2648
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4788
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10016
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9936
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3692
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9976
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5584
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10496
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10780
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2236
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:852
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4004
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:9704
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6268
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10804
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3404
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6488
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10560
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5092
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10144
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:9912
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:1252
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3676
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:6944
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10168
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5688
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10480
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:9848
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:3224
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:6184
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10544
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10640
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:4684
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:11008
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:9808
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:516
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2168
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:1912
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:3296
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:6232
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10632
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5032
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10732
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9888
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:2016
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4844
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10252
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9760
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3912
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10080
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:6852
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10992
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    - Suspicious behavior: EnumeratesProcesses
    PID:2044
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:916
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:4576
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10268
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:9864
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3884
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5812
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10292
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:6588
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:11048
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:2096
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:4304
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10032
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:6964
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:3476
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:6924
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10704
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10400
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:5504
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:10128
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1628
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:1500
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:3276
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:5928
      - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        6⤵
        
        PID:10512
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10304
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:4472
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10152
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:9292
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:2536
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:4972
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:848
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10200
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:3828
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5592
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:11040
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10812
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:5764
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:9904
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3024
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:2004
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:4828
    - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
        
        "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
        5⤵
        
        PID:10320
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:6912
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10688
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:3860
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:5864
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10232
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:5604
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10712
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:9784
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  PID:2632
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:4380
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:9872
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:6976
  - - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
      "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
      4⤵
      PID:10416
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:10624
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  PID:3564
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:9776
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  PID:5216
- - C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
    3⤵
    PID:10260
- C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe
  "C:\Users\Admin\AppData\Local\Temp\b4d2f29b960c8c1a055b279dc277ed1a0cbe8b60e842a15f80a37094fc3cda20_NeikiAnalytics.exe"
  2⤵
  PID:9736

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\japanese porn trambling licking cock blondie .rar.exe

Filesize
982KB

MD5
1b1a56165bf546249f45b98061e88e57

SHA1
96f8957f63a37f3087f403c1ceea8fa8e8ab2184

SHA256
4de323807b70687a98ba9894821ee694b318d48e3648c37dafb74943316787a1

SHA512
34abcd9e6fd20796042d1ce962d30ff1e1ad80a16cc255bf289a9979bc8c9c38032dbfffe22b0ce45b89a063ad503dea3a73a11974af64209fe2adb5200ee42f

Download Submit