1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240220-en
resource tags

arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
submitted
30-06-2024 00:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
Size

54KB
MD5

8eebf8336ac8632f0f71796700f66c30
SHA1

3bfaf3b6f2282c3727085ee69b01bfe562521c15
SHA256

1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3
SHA512

7c564d4fe7cbd2251831e739e7acab39f1d880e280d428e285170582e4e44c13eda02094d0455d3d58d048852bce243c0030de05a52137b5d2ec90ace30ec081
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBNKVkVYLMF/cnacnw:W7BlpppARFbhFAYLMF/J5

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3734) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Circle_VideoInset.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Easter.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Tongatapu.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmad_plugin.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\de-DE\MpAsDesc.dll.mui.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Blue_Gradient.jpg.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\Providers\Proximity\11.00\engphon.env.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\settings.js.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-compat.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_ja.jar.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libtimecode_plugin.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\ja-JP\gadget.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\RSSFeeds.html.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Hand Prints.htm.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicTSFrame.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-cli_ja.jar.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\ui-lightness\images\ui-bg_glass_100_f6f6f6_1x400.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\THANKS.txt.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_zh_4.4.0.v20140623020002\eclipse_update_120.jpg.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_ButtonGraphic.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\wsgen.exe.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Srednekolymsk.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.base_4.0.200.v20141007-2301.jar.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_ja.jar.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\ReachFramework.resources.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dts_plugin.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqloledb.rll.mui.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\trad_m.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\setup_wm.exe.mui.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\THIRDPARTYLICENSEREADME.txt.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\gadget.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\BIBUtils.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\sports_disc_mask.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBluHandle.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\bckgRes.dll.mui.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\requests\playlist_jstree.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\41.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\huemainsubpicture2.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\fr-FR\Minesweeper.exe.mui.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\forms_super.gif.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\FDFFile_8.ico.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler_ja.jar.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\System.Web.Entity.Resources.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\de-DE\WMPDMC.exe.mui.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\es-ES\wmpnssui.dll.mui.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\de-DE\gadget.xml.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core_zh_CN.jar.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\epl-v10.html.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.ibm.icu_52.1.0.v201404241930.jar.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\UIAutomationProvider.resources.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\weather.html.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Linguistics\LanguageNames2\DisplayLanguageNames.en_GB_EURO.txt.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tabskb.dll.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\South_Georgia.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPBlue.png.tmp	1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\1410fe8dfc50fffffe76d619597243b8623c08e869e6e98ed2e1f0712b9d72e3_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2721934792-624042501-2768869379-1000\desktop.ini.tmp

Filesize
54KB

MD5
44d4d4b62aa07237b5842a93eb69d5c4

SHA1
1271244db472b7414e6e365cd7bbedeca22cb041

SHA256
120cff14946859f712f831e7124efba5b3dc55c52281ea5657dc4d39bdf1fc60

SHA512
ac59d3d800b46fec009a87fc2dd1e670dd0b607556ee73a6d5224d982bebeeff1c59950d5609f3b74c07c3dd5a2d29c4a0017a4783bed2729e8fcb88393ae05f

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
63KB

MD5
e36cf7d9b75fac748a355544af32c821

SHA1
e65f56be2b52ea073606abf207383c05bf843dfd

SHA256
7174635e0426fa0ce688f41f817e30cd0d7d7f33164436309ec8a26b349df166

SHA512
606cce80b2d60b07d9fc9d404559c118f5136f9dbfed1e47b8cb48f713022c2989a667fc8d1886d95fc1adb3cfbdcb5635a76b4b4d020c1e751e32d7d98615d4

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads