2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7

Analysis

max time kernel
137s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 01:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
Size

60KB
MD5

d3a2a7caf647ec8649f1bdce64d4dd50
SHA1

12d52e91838558d86d99723173cabbd952a0c25b
SHA256

2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7
SHA512

b6da5cfda10083505aebd24195f877ea42c511723747b9a27211a306319b6fd371cf680bbfb270f33a7b5056194d5a90742f883916bff0c05766b587f42e3a48
SSDEEP

768:/7BlpQpARFbhIYJIJDYJIJPfFpsJcFfFpsJcC+3mC+3meD2qArJtqArJT:/7ZQpApze+eJfFpsJOfFpsJ5Du

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2516) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Singapore.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Dawson_Creek.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jp2launcher.exe.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\THIRDPARTYLICENSEREADME.txt.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\META-INF\MANIFEST.MF.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jp2ssv.dll.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Argentina\San_Juan.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ta.pak.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\about.html.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jfxwebkit.dll.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Havana.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javafx-font.dll.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Lindeman.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\GRAY.pf.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_it.properties.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.e4.rcp_1.3.100.v20141007-2033\epl-v10.html.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\artifacts.xml.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.net.win32.x86_64.nl_ja_4.4.0.v20140623020002.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-explorer.xml.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\New_Salem.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\zh-CN.pak.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\java-rmi.exe.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Novosibirsk.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fontconfig.properties.src.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guatemala.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ulaanbaatar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Bissau.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Dubai.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\tipresx.dll.mui.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.servlet_8.1.14.v20131031.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\nacl_irt_x86_64.nexe.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Majuro.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-sa.xml.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\msdasqlr.dll.mui.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Toronto.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-6.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\mlib_image.dll.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\leftnav.gif.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_classic_winxp.css.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-progress-ui_zh_CN.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\AssertDebug.dotm.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jce.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-application.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Phoenix.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\ShapeCollector.exe.mui.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaBrightItalic.ttf.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-windows_ja.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-sa.jar.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\license.html.tmp	2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2c63e9bc11d157fbac473912c72bd8e0ff5bdae3be2a84202c708c2107c27ae7_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
60KB

MD5
456c66904e6a802418a0176d05cdea97

SHA1
4c1c4b17864cacb37971b19bde6ccfab35428346

SHA256
d9569248fade749fa1ad99abb002cd9684c435918c02aa6ce89d01908c819cd2

SHA512
923b0b1663e46f39bedd883d5411c118c4ec71708a95e79bba1fd76b62cdec044139bba8199a798dedc593fc3c04fc6f2568a4702390896628525ad4f34c62b6

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.exe

Filesize
69KB

MD5
b32d011e0a096435cf56bc47805b164b

SHA1
ff04f9e01e509019d1fff44106f1524f744d01d1

SHA256
f43fb60a36ef0825f6b549d1e188bcca5098d6294a7813af17b2eecd6a58cf89

SHA512
a8c9ed04c0a94bcfc50de0eb4e0c6298020a8c2ba35910a0c3f3bde482f909649c625194c99619806128568afedf52a69007ad04a67f2dfd9676117976ce4688

Download Submit
memory/1996-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/1996-160-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads