Analysis
-
max time kernel
150s
-
max time network
121s
-
platform
windows7_x64
-
resource
win7-20240221-en
-
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
-
submitted
01-07-2024 09:54
Static task
static1
Behavioral task
behavioral1
Sample
48b9e425e584c511b0ed01a410d20f79e0c93277fa4980c43ebdb2f65b4d2710_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
48b9e425e584c511b0ed01a410d20f79e0c93277fa4980c43ebdb2f65b4d2710_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
48b9e425e584c511b0ed01a410d20f79e0c93277fa4980c43ebdb2f65b4d2710_NeikiAnalytics.exe
-
Size
48KB
-
MD5
116de5b2d018e63c777da70e943ad8d0
-
SHA1
e4454d4d38f32baa3cb7d78c4893a06df24d8f06
-
SHA256
48b9e425e584c511b0ed01a410d20f79e0c93277fa4980c43ebdb2f65b4d2710
-
SHA512
1f4fbea41e0299100f0df2ff68ae97c5859b4f32fd85d8fa11d05358ca20d84c9f07bb4a2d4a85f5828f00033181d6fd70e03d9a1ae47208fa16f825d47ce896
-
SSDEEP
384:GBt7Br5xjL9AgA71FbhvuNBNsjLKoWFKryoWFKrRYKYUosMosnn/oA/op9IsS:W7BlpppARFbhWJq5nosMosa9IsS
Malware Config
Signatures
-
Renames multiple (3611) files with added filename extension
This suggests ransomware activity, namely encrypting all the files on the system.
-
Drops file in Program Files directory (64 IoCs)