290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d

Analysis

max time kernel
149s
max time network
122s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 00:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
Size

90KB
MD5

d8fc11dec59f3d2e324bb7d3061cd680
SHA1

9fd7d29f0506a0a38d02a96412ff23c41fd54fc6
SHA256

290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d
SHA512

bccf9e5b1cf8e0af624bdd48f015b35a8a165595b077b386feb4c42b3911ecccabdab8d2e792c9eca4ce9b6881925f7fb6e4fd1823f3448d5c95d62b91f3932b
SSDEEP

1536:W7ZhA7pApMaxB4b0CYJ97lEVqNR7Yge+eJG/x/OfxRfxHAu39Au3t:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7N

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3141) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\7-Zip\7-zip.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\alt-rt.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-uisupport.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Title_Trans_Notes_PAL.wmv.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Bangkok.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\cs.pak.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-core-kit_zh_CN.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Khandyga.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Paramaribo.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\cue.luac.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Subpicture1.png.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring-impl.xml.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-explorer_zh_CN.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ru\LC_MESSAGES\vlc.mo.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\mozglue.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadco.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_glass.png.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\layers.png.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.emf.common_2.10.1.v20140901-1043.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\fontmanager.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javaw.exe.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.jsp.jasper_1.0.400.v20130327-1442.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadds.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\LogoDev.png.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Kathmandu.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tpcps.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainBackground.wmv.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.jrockit.mc.rcp.product_root_5.5.0.165303.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-api-caching_ja.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\AST4ADT.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\ja\Microsoft.Build.Conversion.v3.5.resources.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_travel_Thumbnail.bmp.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2ssv.dll.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\tools.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sl.txt.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\InkWatson.exe.mui.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msdaprsr.dll.mui.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\ar.pak.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-options-api_zh_CN.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-queries_ja.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\bckgzm.exe.mui.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsrom.xml.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jconsole.exe.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.ssl_1.1.0.v20140827-1444.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\currency.data.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+11.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.zh_CN_5.5.0.165303.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.util_1.7.0.v201011041433.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-options.jar.tmp	290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\290d26dc0191919dff13acb6c541ce969c2bfa9909d08d3b43850c2ad2a13b2d_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:3000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp

Filesize
90KB

MD5
d2c0c669ad19ccfd7991bb65edd92aa1

SHA1
75b3fe7fb15f195e07a7cb193c259da74183bcf7

SHA256
05f3bb5857802caa7c5da53e2ba5e6b257f1b560fd762899aae93ee934adf842

SHA512
0c402d0fa0e7c13a07d150fdfe84555102c6080134f29d9586efdc31403635b604ef242fb547fb2f00bcbb51b6c7c9df3d1ead29ca767895c12ac3a9e28d2933

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
99KB

MD5
8e7797c0f882adef0bce358659f197f4

SHA1
a2e381a969c17bf323cca64137046b1fcb4680ee

SHA256
d3d7b7336a7b996ad039ef1abdce2704653e190d4315270de599e78fe7074ac5

SHA512
9888e15a1d89c95423d361e5813caf1b1ff82313f380f820c079fa9050d1d18fb083431a16db6ac5a05cb4d3412788e0c697528c14720259dadbdfcfd8547d4f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads