2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6

Analysis

max time kernel
149s
max time network
123s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 02:41

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
Size

40KB
MD5

feb761cc1b3b2f8626a71194efa46510
SHA1

eafe20d4f79124efcafc0b704cbad63856f02c2b
SHA256

2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6
SHA512

eac6c88345f34f0c28ce2fdb476553c2f1a4507264b24d17d007a4d9777384acfd01439bafdf5bb06cfe0378ff43940b614765dc4024b2b7ee574138d0663f9a
SSDEEP

768:W7BlpppARFbhbt7Y7FoICOiJfoICOiJQ444Zqu:W7ZppApWmjXs

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3451) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\javafx-doclet.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application_zh_CN.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\it-IT\msader15.dll.mui.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyScenesBackground.wmv.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\userContent_16x9_imagemask.png.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mexico_City.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Asuncion.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Kaliningrad.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libball_plugin.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\larrow.gif.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\luac.luac.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Barbados.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Prague.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench3.nl_ja_4.4.0.v20140623020002.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-multiview.xml.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-snaptracer.xml.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\Gadget_Main_Background_QuickLaunch.png.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-util-enumerations_ja.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Managua.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Mahjong\desktop.ini.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_transcode_plugin.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\Media Renderer\DMR_120.jpg.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.bin.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Whitehorse.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Hong_Kong.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\PresentationFramework.resources.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\shuffle_up.png.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\ja-JP\js\RSSFeeds.js.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msaddsr.dll.mui.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\720_480shadow.png.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-masterfs.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Beulah.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\Shvl.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\ucrtbase.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\handsafe.reg.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Belize.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser_5.5.0.165303.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rcp.application.ja_5.5.0.165303.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\core\locale\core_visualvm.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Portable Devices\sqmapi.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Seoul.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_gtk.css.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jp2iexp.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\es-ES\FreeCell.exe.mui.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Classic.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\de-DE\ImagingDevices.exe.mui.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Tongatapu.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Windows.Presentation.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\en-US\js\library.js.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Mahjong\MahjongMCE.png.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll.tmp	2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2f671b32a2522a38b652f5378ac0e91efa59aa6d508ab672df642f00d82b9de6_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1612

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp
Filesize
40KB

MD5
e779cead9f9e729bbb10eb5d04fc7fc3

SHA1
065010e9867fa1dc88eb37832e76f784763e6c09

SHA256
5432898eb462821c8c202b5a76dba59620809fccd087aaf400b1813a185cdd15

SHA512
a10fb8b7ddff909b4e4553c87d37e12a49f60e3c5727840cb4128a06041042c90d7c027b78d46008a4d31940bdbb50a81284b677befe99ec5bc771895a82e110

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
49KB

MD5
ee85b1ae6752ad279646f798e5642a3e

SHA1
e445f6cf335e20a961526bb3d1e0738cf655ece6

SHA256
2f08a9577193350fb9e5b7ded25882ab913318e0ff0fc45029e728b770821f11

SHA512
08c14d1a48d53bfab306b70d8532ab238cc539e7a106f18ddb4c47eb4288291ca2ce2a984bee32939d93986d5c1e46d78de91a8d643e26c9664221f06a5d8d62

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads