25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60

Analysis

max time kernel
150s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 00:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
Size

37KB
MD5

cc9449a4703add8b0b15e3b0f34b93e0
SHA1

23360608689d3e144986b8b0d0c0829b227d6da8
SHA256

25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60
SHA512

3345d32cd8402d979e6839942c39ca63ee1b98fb813783ab986381fdfde300500b82546e6007d488f108abb893ccfeccace7e6718d89288cf9e2e2d2c25d5854
SSDEEP

768:W7BlpppARFbhjbhPKueKudLwtxtugXZ5OXa9LwtxtugXZ5OXaapqp+:W7ZppApB7tlJ5OvtlJ5OFpqp+

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3663) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\fr-FR\css\RSSFeeds.css.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3_0.12.0.v20140227-2118.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-lib-profiler-ui.xml.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\vlc-48.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn_IN\LC_MESSAGES\vlc.mo.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\8.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\Annotations\Stamps\Words.pdf.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-iio.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.equinox.nl_zh_4.4.0.v20140623020002.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\MineSweeper.exe.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_few-showers.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\TipTsf.dll.mui.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-editor-mimelookup-impl_ja.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host_ja.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-gibbous_partly-cloudy.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-profiling.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Tahiti.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Tirane.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\.lastModified.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\drag.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\14.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\106.0.5249.119.manifest.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Stockholm.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\TypeSupport\Unicode\Mappings\win\CP1251.TXT.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_zh_CN.jar.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Novosibirsk.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\HeartsMCE.lnk.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_ButtonGraphic.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfxwebkit.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationCore.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Entity.Design.Resources.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\skins\winamp2.xml.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\en-US\js\picturePuzzle.js.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\CoolType.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msador15.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hi.pak.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\eclipse_update_120.jpg.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Vostok.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Setup Files\{AC76BA86-7AD7-1033-7B44-A90000000001}\setup.ini.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\MANIFEST.MF.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Eucla.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Linq.Resources.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\libxml2.dll.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\LINEAR_RGB.pf.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Casablanca.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\es-ES\css\picturePuzzle.css.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\wmprph.exe.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\es-ES\calendar.html.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\LightBlueRectangle.PNG.tmp	25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\25ded4da19b6ab54e03d6136d2fc1d87bf8f5d00edd921bacafffc1a0ff4bc60_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2580

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp

Filesize
37KB

MD5
9c76c6463e484df280a5bd9d6184d4e1

SHA1
481291a905ecad0fec10400a5b6f42d64902b02b

SHA256
15cc89b200f578cbea03b41db56835972508633272ed37df65d50917b4f9cc03

SHA512
c4be3223ca456f72cc74371cef0c21283aaba8a9de480643cc38659c1b546169f525c76f64f00386d233bb53e6a6d462947655099b923dead09f238dc1e68e06

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
46KB

MD5
4c5b6b4d188d79223c1698b2c4440f34

SHA1
0cee0f79f64e9c5bbb48c2dff02bdfe6402674ef

SHA256
549e616e59a3872db9c7d5ef790266287ae450fdfa143a379822bfb9862f3027

SHA512
8de7fc32e54b0ed289586affc3868107244674072b1ae95207c101bbff38cb5e5bb9bce8882ba96a4590bdd16b93461edc5a77ebc57967d210f2d5102353be51

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads