1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
30/06/2024, 22:38

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
Size

98KB
MD5

d06a72a026c4c3a0251ad4ed45d23970
SHA1

2c55d3c6ed1310735538049a62658e727accebc9
SHA256

1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d
SHA512

5b7886d0e5e5f320e1c1f2629911e4ed78f0a9e1ad50d7cd6194b51dc37a871275bc1d6126357bbc87d1526e864f92b2d01c416f6a29c510d5ef5116c6474d15
SSDEEP

1536:W7ZDpApYbWjIlE77ufL2e+efZwZQ/8S/8z3MLI:6DWpwE7oL2e+efZwZ08i8z3MLI

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3443) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Boa_Vista.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\Microsoft.Build.Conversion.v3.5.resources.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\fr-FR\NBMapTIP.dll.mui.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\InkWatson.exe.mui.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\highlight.png.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\feature.properties.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\META-INF\MANIFEST.MF.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-api-search_ja.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonInset_Alpha2.png.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\it-IT\settings.html.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_ButtonGraphic.png.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-util-enumerations.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\PresentationFramework.resources.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\Accessories\WordpadFilter.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\service.js.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\epl-v10.html.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.components.ui_5.5.0.165303.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\help.gif.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libremap_plugin.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\ext\sunmscapi.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\micaut.dll.mui.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrb.xml.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\ieinstal.exe.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jsadebugd.exe.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Johannesburg.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Mexico_City.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\es-ES\settings.html.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\InkObj.dll.mui.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Costa_Rica.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Tallinn.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSLoc.dll.mui.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\mr.pak.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.reconciler.dropins.nl_zh_4.4.0.v20140623020002.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libpsychedelic_plugin.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\London.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\GMT.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\PresentationBuildTasks.resources.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\button_MCELogo_mouseout.png.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\pt_PT\LC_MESSAGES\vlc.mo.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Bangkok.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-jvm.xml.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\ext\jaccess.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\WindowsFormsIntegration.resources.dll.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\am\LC_MESSAGES\vlc.mo.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\icons\console_view.png.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.updatechecker.nl_zh_4.4.0.v20140623020002.jar.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-ui.xml.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\rtscom.dll.mui.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1f9d9d76f6ebd39c90f4d826e92daf8ad91bef79283a71d1d36093a2306a4a4d_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
98KB

MD5
d6d7a58ef32adc42fd6b3e087770b980

SHA1
010dac87a697c60fbd8a28307f57b36e3a1fc3b8

SHA256
d832f7f34a2ab2a88ee42c17cb6611bb36e776d8860ebfabcfcbd94f80ecdc07

SHA512
556917a157e25ea67a6825c3ffe5e2a453a84cf205108e17f59b7fe705b69c270d7f18fbc595e022d7f45a9698f6f1342eab507e95cb44ef99b360d43cdf433b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
107KB

MD5
ae26668dde5c749a2d2b863050e3e614

SHA1
f608b7601f865f55748fcee65a0a07e72751687f

SHA256
9d55b90dcc0a988a42009b685ee0dcb117e68b3776062a04a7e3820964f95b79

SHA512
6ab29aa40a6b0ffd43809dba8648b79c1e33c34b8eb0edaedc57a248848b01f6238921df1c235be5ff1bc70b5cee57bc9e8c350c33c072fb87f028f3e06f5e87

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads