3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a

Analysis

max time kernel
150s
max time network
119s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 05:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
Size

81KB
MD5

ffa5980777799e90ae2b7c9ed04f3390
SHA1

11b1e91bad00177f822fe4c286b7006814d1cda4
SHA256

3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a
SHA512

1e98fd9f8fa46e7c32aa93be2ee236e7af55cdc4b6a6f840e36abbdfad8121847468354cf89d2e09b54711389b5e22714ff2e688e31ea7baa1a97e797db83097
SSDEEP

768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmh1444REXBwzEXS:W7ZDpApYbWjIoPyPoLzV7c6Sh1Xw

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3562) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\System\ado\fr-FR\msader15.dll.mui.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\vintage.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_btn-back-static.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\WET.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\boxed-delete.avi.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Manaus.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-filesystems.xml.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Rio_Branco.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Mail\wabfind.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf_3.4.0.v20140827-1444.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_win7.css.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\icon.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\CsiSoap.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.IdentityModel.Selectors.Resources.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_right_pressed.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.diagnostic_5.5.0.165303.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\ssvagent.exe.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Minsk.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\js\timeZones.js.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrlatinlm.dat.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\F12.dll.mui.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.ecore_2.10.1.v20140901-1043\META-INF\MANIFEST.MF.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\buttonUp_On.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\acro20.lng.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\UTC.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector_1.0.200.v20131115-1210.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\klist.exe.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground_PAL.wmv.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbynet.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Detroit.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Web.Entity.Design.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\images\bPrev-hot.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Malta.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\desktop.ini.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\Hearts.exe.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\visualization\libvisual_plugin.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\settings_left_disabled.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-12.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\wa\LC_MESSAGES\vlc.mo.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_ja.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\logo.png.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_scrapbook_Thumbnail.bmp.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\da.pak.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssLogo.gif.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jmx_zh_CN.jar.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Purble Place\en-US\PurblePlace.exe.mui.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\library.js.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\css\settings.css.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msaddsr.dll.mui.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\Timeline.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dtplugin\npdeployJava1.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Xml.Linq.Resources.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libbluescreen_plugin.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ug.txt.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jpeg.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IdentityModel.Resources.dll.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-threaddump.xml.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\install.log.tmp	3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3807c9324849e420d21dea1e750cbd85751b6f2980663467ac81907bbc6afb6a_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2240

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
81KB

MD5
226d42cc314d3f23b5901a7a8d3801f7

SHA1
d77a09b85172acd4c031172bc3f0f3a03253765a

SHA256
3bf833af4f2ec8896002c69268897adceefda4ba1d5cd578c37bc217c60047d4

SHA512
7c5279a6e75497355eb61efa918b54f900d861a22da39b2027dca5e697dbb28551d249f24dfb1a22765c671ba9af902a4179b710d5cff229c64078dc828a3e81

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
90KB

MD5
2a2fd549995e14853e7d544732a9601e

SHA1
bb9751be36213573b5bad1d840101842559008e5

SHA256
60e1625702cfbe5a12c71c43a45d147d26de6410aa6a06d01af22a8b0b71a4ff

SHA512
8b30f1d593d5b79cddd6f0266090f3e394c606517607035013004d9132f31d8345693342a16655d6c77518810eb325d7f33240c439a587a0eacaef0c55e8a884

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads