2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe

Analysis

max time kernel
13s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 02:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Size

1.3MB
MD5

eac9403578d587d18be52608a8323220
SHA1

13266cafbd1ff9a59adc52cb5c5fb2df23f136e7
SHA256

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe
SHA512

326c24760ef7f2b33e1e2f18b8f8d9461fb5bcdc80829de1c7a06e0a8a94825f84d3ca2e97de736fa3bf0dc6feff7565176c7a56c618174b9e4fb440c2405ac3
SSDEEP

24576:2wKzBpDaBtdoB7SVY63swjzbKB/Y05os5Q3CzeAgW9U4wD8r5tbBcp:hKzBpX9BA3bwn5Q3CzeAbe4l5K

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Checks computer location settings 2 TTPs 16 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

description	ioc	process
File opened (read-only)	\??\E:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\M:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\N:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\O:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\A:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\G:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\I:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\S:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\X:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\H:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\K:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\L:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\R:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\V:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\B:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\J:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\P:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\T:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\U:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File opened (read-only)	\??\W:	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

Drops file in System32 directory 12 IoCs

Processes:

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\SysWOW64\config\systemprofile\lesbian full movie titts .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\SHARED\beast public glans penetration .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\japanese nude beast uncut bedroom .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\sperm hidden glans 50+ .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\indian nude beast voyeur .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\SHARED\gay full movie hairy (Gina,Samantha).mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\lingerie hidden glans fishy .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\italian nude gay masturbation stockings .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\tyrkish gang bang beast full movie .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\blowjob [free] .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\lingerie public (Melissa).avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\norwegian blowjob several models cock .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

Drops file in Program Files directory 18 IoCs

Processes:

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\russian handjob fucking sleeping feet .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\xxx catfight granny .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\blowjob lesbian (Tatjana).mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft\Temp\indian fetish blowjob girls titts bondage .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\italian animal beast big lady .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Updates\Download\fucking uncut .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\indian horse trambling several models .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\lesbian masturbation hole .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\italian action blowjob uncut pregnant .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\american cumshot beast full movie bedroom .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\swedish handjob lesbian hot (!) cock beautyfull .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\italian action fucking big black hairunshaved .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\brasilian cum sperm girls feet .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\microsoft shared\tyrkish porn bukkake girls hole .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\dotnet\shared\japanese kicking xxx masturbation glans (Anniston,Sarah).mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\Templates\bukkake catfight shower .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\lesbian sleeping .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\bukkake hidden shower .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

Processes:

2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..s-ime-eashared-ihds_31bf3856ad364e35_10.0.19041.1_none_e8996b7d3512363f\british horse public .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.964_none_1c1a193f5bfcf136\tyrkish cumshot lesbian full movie young .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\american kicking beast masturbation (Jade).mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\beast public feet high heels (Jade).avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\trambling sleeping (Liz).zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.264_none_cb389cf57d74d691\fucking [bangbus] hole wifey .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\spanish lesbian hot (!) cock traffic (Sarah).mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.1_none_833abdc06c68d338\british hardcore voyeur (Sarah).zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..se-shared-datafiles_31bf3856ad364e35_10.0.19041.1_none_2f5f00d280dce9f6\canadian lingerie girls pregnant .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_en-us_bfae5918c0443f83\japanese fetish hardcore voyeur titts .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\indian porn gay hot (!) .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\security\templates\american action fucking catfight ash .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\italian handjob bukkake uncut titts (Kathrin,Liz).mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\japanese cum fucking catfight hole beautyfull (Tatjana).avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\norwegian blowjob big .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.572_none_cf90e12518baac85\animal lesbian sleeping feet 50+ .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.1266_none_7916f7558927ae23\brasilian handjob gay public glans leather .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\indian beastiality bukkake full movie sweet .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\brasilian handjob trambling uncut .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_62312bfbb33d478a\swedish cumshot beast [bangbus] .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\malaysia lingerie masturbation (Janette).zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-mccs-engineshared_31bf3856ad364e35_10.0.19041.746_none_d404daff82e97769\french fucking [free] cock Ôï .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\sperm several models glans circumcision .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_de-de_881b257d159a5de8\japanese kicking horse licking cock castration .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\handjob blowjob lesbian castration (Jenna,Karin).rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.844_none_57eddd48e7a74274\french beast [bangbus] circumcision .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.867_none_c29826784f9429f8\lingerie several models (Sarah).mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\danish beastiality lesbian uncut hairy .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\templates\tyrkish action blowjob voyeur traffic .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.1_none_c6da8048542fddc7\gay public feet (Anniston,Karin).mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\SharedFileCache\tyrkish handjob blowjob lesbian hole bondage (Sarah).zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\danish cum gay full movie penetration .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\japanese gang bang blowjob catfight pregnant .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_d38ece58f77171b4\fetish bukkake catfight titts high heels .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_it-it_4c5922428a6f2d08\german lingerie uncut titts 50+ (Sarah).rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-jkshared-roaming_31bf3856ad364e35_10.0.19041.746_none_2212358fc33cc10f\lesbian uncut titts ejaculation (Curtney).avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-h..public-utils-shared_31bf3856ad364e35_10.0.19041.1_none_19d22204a1f3fcaf\canadian blowjob [free] hole .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\Downloaded Program Files\japanese animal sperm sleeping .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\sperm hot (!) black hairunshaved .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\asian lingerie hidden (Karin).rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.84_none_81616275259e37fe\sperm big lady .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ces-ime-eashared-lm_31bf3856ad364e35_10.0.19041.1_none_3d0229d17c310f10\black horse lingerie [bangbus] cock latex (Sarah).avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\norwegian hardcore [bangbus] (Samantha).rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1_none_3cfd44d351b1a8ab\german hardcore catfight cock stockings .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\swedish handjob bukkake public pregnant (Jenna,Tatjana).mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\trambling big .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\chinese lesbian uncut bondage .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\german fucking lesbian titts sm .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.1_none_a80cea873b2a6772\handjob hardcore masturbation traffic .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\sperm uncut girly .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.746_none_d01527cffa9c25bc\italian cumshot hardcore voyeur glans sweet .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.1_none_2fe79eae2833b9b1\british lingerie licking .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.1_none_a7ad1894592cfa12\beast several models cock 40+ (Karin).rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1151_none_fbdc4c5f677dc2ec\malaysia lesbian full movie .mpg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\british lesbian hot (!) circumcision .avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.153_none_e23c926e32d07dc1\cum gay hidden .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\russian porn beast [milf] feet shoes .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\trambling big femdom (Kathrin,Tatjana).rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\xxx [milf] hole ash .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_5b152a8d329397ec\malaysia hardcore hot (!) fishy (Sandy,Curtney).avi.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.1_none_5d54c0aac5c3c12c\malaysia gay girls .zip.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\spanish beast girls .mpeg.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1_none_0b596e2a33be7d4c\malaysia fucking public .rar.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

pid	process
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1920	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1920	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2872	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2876	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2876	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2872	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
3876	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
3876	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
3552	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
3552	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1588	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1588	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4596	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4596	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1632	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1632	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1060	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1060	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1920	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1920	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
364	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
364	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4684

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4456

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:5044

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4612

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:4596

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:2004

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:5628

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
8⤵
PID:9920

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
8⤵
PID:13652

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:6076

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
8⤵
PID:12572

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:8076

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:9760

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:13528

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:5008

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:9888

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:14344

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:6012

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:12424

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:7940

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9848

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:14276

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:1412

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:5416

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:10740

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:15488

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:692

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:13096

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:8116

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:10104

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:14392

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:3800

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:10088

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:14384

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6220

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:14332

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8308

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9632

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13088

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2876

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:576

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:5576

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:9968

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:14308

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:6100

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:12592

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:8252

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9640

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13520

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:3360

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:8208

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9664

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13592

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6172

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13004

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8316

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9672

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13472

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:364

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:5556

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9960

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:14268

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6108

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:11520

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:16704

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8148

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9928

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:14316

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:3624

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8020

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9800

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13660

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:5896

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13072

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8184

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9696

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13440

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1716

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1588

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:4444

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:5836

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:13048

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:6036

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:12524

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:8012

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9832

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13608

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:2248

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:7016

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:10548

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:15624

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9912

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13636

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6188

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:12652

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:164

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9688

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13716

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:2324

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:5428

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9880

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13620

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6140

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:12896

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8156

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9704

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13496

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:3008

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:10632

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:14300

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:4828

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13064

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8268

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9624

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13456

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:2872

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:1064

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:5548

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9896

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13668

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6116

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13040

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8124

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9952

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:14400

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:1104

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6320

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:12644

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8324

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9656

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13512

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6164

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:12552

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8172

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9600

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13480

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:4476

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:5644

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9904

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13644

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6068

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:11784

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8060

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9776

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13536

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:4056

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8084

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9768

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13560

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:6020

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:12508

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:7960

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:9840

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:13600

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2200

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1920

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1060

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:4856

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:5620

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:10184

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:14420

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:6084

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
7⤵
PID:12456

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:8140

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9712

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13576

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:1152

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9864

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13692

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6212

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:12764

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8464

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9648

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13544

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:2668

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:5672

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13432

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6052

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:11692

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:17624

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8068

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9784

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13584

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:1648

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8052

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9792

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:14376

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6204

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13080

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8988

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9608

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13708

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3876

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:2416

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:5448

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:9728

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13552

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6124

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13056

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8108

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:10112

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:16592

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:1372

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6512

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:10816

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:15508

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:7988

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9816

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13684

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6196

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:12216

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:3700

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9592

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13448

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:3992

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:5592

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13032

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6028

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13724

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:7952

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9824

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13628

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:1740

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9976

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:14284

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:6156

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:12972

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:8164

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:9720

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:16600

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1584

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1632

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:1696

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:5472

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:10004

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:4300

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:6132

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
6⤵
PID:13424

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8100

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9744

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13504

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:3220

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8044

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9936

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13676

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6148

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:12560

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9584

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13464

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:1964

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:5740

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9996

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:11532

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6044

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:12464

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8028

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9752

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:14352

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:3448

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:7404

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:16916

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9856

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13700

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:6004

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:12636

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:7936

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:9808

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:14368

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3552

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:460

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:5584

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:8092

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:9736

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:13568

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:6092

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
5⤵
PID:12584

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:8132

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9944

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:2532

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:3936

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9576

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:15376

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:6228

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:10808

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:15500

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:8260

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:9616

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:14408

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
PID:832

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:5636

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:9872

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:13748

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:6060

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
4⤵
PID:12532

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:8036

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:10096

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:14292

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
PID:1704

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:10080

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:14360

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
PID:6180

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
3⤵
PID:12988

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
PID:3444

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
PID:9680

C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe"
2⤵
PID:13488

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\lesbian sleeping .rar.exe
Filesize
2.0MB

MD5
0b2d64b26456f8c738ec1cd99542688d

SHA1
f19828d932a70a0e8c09bcb2e8c5a4ba99b1ed75

SHA256
c269b3bcac546d2e4a43c271f6d3bc6de9262cd0a9c6a2d2d7a13e17fe7f035b

SHA512
3a61b4e9f6f3f3a2451a2c3a4c61d6df5ea87fcf713c96e8b87e0e6aa0e44cba8ac7f765f60ccb70a9ca3f7bef0368ee1e3bb3ba203dc94cb3eca043b969d3bb

Download Submit

description	pid	process	target process
PID 4684 wrote to memory of 4456	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 4456	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 4456	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 5044	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 5044	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 5044	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 2200	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 2200	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 2200	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 4612	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 4612	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 4612	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 1716	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 1716	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 1716	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 1920	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 1920	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 1920	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 1584	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 1584	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 1584	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 2876	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 2876	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 2876	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 2872	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 2872	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 2872	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 3876	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 3876	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 3876	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1716 wrote to memory of 1588	1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1716 wrote to memory of 1588	1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1716 wrote to memory of 1588	1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 3552	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 3552	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 3552	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4612 wrote to memory of 4596	4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4612 wrote to memory of 4596	4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4612 wrote to memory of 4596	4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1920 wrote to memory of 1060	1920	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1920 wrote to memory of 1060	1920	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1920 wrote to memory of 1060	1920	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1584 wrote to memory of 1632	1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1584 wrote to memory of 1632	1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1584 wrote to memory of 1632	1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 364	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 364	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 5044 wrote to memory of 364	5044	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 3992	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 3992	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 2200 wrote to memory of 3992	2200	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1716 wrote to memory of 2324	1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1716 wrote to memory of 2324	1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1716 wrote to memory of 2324	1716	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 4476	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 4476	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4456 wrote to memory of 4476	4456	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 832	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 832	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4684 wrote to memory of 832	4684	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4612 wrote to memory of 1412	4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4612 wrote to memory of 1412	4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 4612 wrote to memory of 1412	4612	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe
PID 1584 wrote to memory of 1964	1584	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe	2f3172055c4d276d121c5731598bfbf26ba126a6d10fa8b2ee1b48e322838ffe_NeikiAnalytics.exe