4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01/07/2024, 10:31 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
Size

40KB
MD5

fcf238eee47ad77e4941d50116b3f630
SHA1

e0a20b73fd318d5ba43525a24305d2106def078b
SHA256

4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378
SHA512

3821775506bc088f62259fe7b6c5452682b4f7b1f9bcab28aa4038578ae8b9fd2f6f3a99400812060ec8781b07ae9b5fbc87a6b4ba50c5d41393d4e808a76c55
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBN2TQ1nrq9SkpaTLkpaTA:W7BlpppARFbhknr6A0AA

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3499) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_heb.xml.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\splashscreen.dll.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.commands.nl_zh_4.4.0.v20140623020002.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-options.xml.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_pt_BR.properties.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\batch_window.html.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\ja-JP\css\settings.css.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\ja-JP\msadcor.dll.mui.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\fil.pak.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Zaporozhye.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hu\LC_MESSAGES\vlc.mo.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\graph_down.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\HeartsMCE.lnk.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\skins\default.vlt.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\it-IT\js\settings.js.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-progress-ui.xml.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_snow.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_ButtonGraphic.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Dawson_Creek.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Sydney.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-attach.xml.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\fr-FR\jnwmon.dll.mui.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\avtransport.xml.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\clock.html.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_gray_rainy.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\ShapeCollector.exe.mui.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationUp_SelectionSubpicture.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_ja.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_zh_CN.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-nodes.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libcroppadd_plugin.dll.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\es-ES\js\library.js.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\logo.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-2.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.command_0.10.0.v201209301215.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\weather.html.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IPSEventLogMsg.dll.mui.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\it-IT\msadcor.dll.mui.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-waxing-crescent_partly-cloudy.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\rtstreamsource.ax.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Currie.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-spi-quicksearch_ja.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh87.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\librtp_plugin.dll.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_floating.png.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fr-FR\InkObj.dll.mui.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_es.jar.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\javacpl.cpl.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\PresentationFramework.resources.dll.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\rtscom.dll.mui.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Notes_LOOP_BG.wmv.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome.exe.sig.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javah.exe.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.tmp	4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\4afe7325cdbbaf6071318a12e0246a3570df583a9e1ca8b2858fd93eb3e07378_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:292

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp

Filesize
40KB

MD5
06ec75a652196fa92b4842718fa857e6

SHA1
db2ff2f6ddf74587a3b6c9e907676363d8a2dcf1

SHA256
31544976e80dba2ba3606d04ab56c4c85b1cf934b9070e6f625ad1a644dcd404

SHA512
0828874cb4448b5d4f0db820ff4f17983f6cb52f39502af4d8e35fa088fd5d3930d4d47ba2701ee792574fae2b7be0547a99582bf9d8b06f0208cd287a0bbb7f

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp

Filesize
49KB

MD5
ebfa45e7d386014d4caf20f360cf0e2a

SHA1
a7ce450f3a1a1b4d162604a58ccd6fd364ca3109

SHA256
1bbc5e6d9ffe0bf40f95fe15918344254463b88514531ae49d3763631b3f12d2

SHA512
d24e8307491b7e9c8d4c45bc8427c01e86fc356df69d7be880cb0aa47d91191015ee65aac36ddcf106ca190005641fb3a53d2f12b4595b4afd26b503fbfe51ac

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.