2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf

Analysis

max time kernel
13s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 01:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Size

1.9MB
MD5

f900c07429e7fdc5f17313784f9aaf00
SHA1

6071b9e1cf9a3ec46b9b18e5c4a3d92feac961ad
SHA256

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf
SHA512

0ee14a9b9509c9f614f601a09b25c766155cb1beba78be0b8810bb97b4bf2d5104ed539411b81c46d62cdb65e6bfa4d64295b805c6030d1c75ee2a260c6b9c7d
SSDEEP

49152:VLNE5uNk6m86PaLJbAMKBb7ob0mIR0UVX/9s1Yk+:XAup1LJbh90L0UVXy9+

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Checks computer location settings 2 TTPs 16 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

description	ioc	process
File opened (read-only)	\??\M:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\S:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\G:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\K:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\O:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\U:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\W:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\X:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\J:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\L:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\N:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\T:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\E:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\I:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\H:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\P:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\R:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\V:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\A:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File opened (read-only)	\??\B:	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

Drops file in System32 directory 12 IoCs

Processes:

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\swedish animal lingerie licking (Melissa).rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\SHARED\xxx several models .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\tyrkish horse hardcore masturbation .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\horse hot (!) feet .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\black kicking xxx lesbian hole upskirt .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\malaysia trambling voyeur cock mature .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\SHARED\brasilian handjob gay several models titts sweet (Liz).avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\danish action gay [milf] upskirt .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\gay hidden .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\danish handjob lesbian [free] .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\hardcore [free] gorgeoushorny .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\american handjob hardcore full movie .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

Drops file in Program Files directory 18 IoCs

Processes:

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Microsoft Office\root\Templates\russian fetish trambling lesbian hole pregnant (Samantha).rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Updates\Download\trambling big cock .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\american cum sperm [free] cock hotel .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\indian handjob lesbian masturbation feet gorgeoushorny .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft\Temp\italian beastiality fucking big glans (Britney,Jade).avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\nude beast [milf] hole upskirt .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\italian cum blowjob hot (!) .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\italian gang bang blowjob girls (Tatjana).mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\microsoft shared\tyrkish kicking lesbian [bangbus] shower .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\dotnet\shared\beast [milf] titts .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\russian cumshot horse lesbian gorgeoushorny .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\beast girls hole 40+ .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\american animal hardcore hidden .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\italian kicking hardcore big sweet .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\hardcore lesbian (Jade).rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\horse uncut granny .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\black gang bang fucking sleeping glans gorgeoushorny .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\xxx uncut (Sylvia).avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

Processes:

2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\mssrv.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\InputMethod\SHARED\tyrkish gang bang trambling licking cock .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\indian gang bang gay lesbian feet shoes (Janette).zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost_31bf3856ad364e35_10.0.19041.1202_none_621728fcd3c9d5f6\black cumshot xxx public upskirt .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.1_none_2fe79eae2833b9b1\japanese fetish trambling several models mature (Sonja,Sarah).mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\german gay public 50+ (Ashley,Sarah).zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\tyrkish kicking xxx hot (!) feet (Britney,Jade).zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\kicking bukkake lesbian feet YEâPSè& .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.746_none_d01527cffa9c25bc\italian porn lingerie public cock blondie .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1_none_3cfd44d351b1a8ab\lingerie masturbation pregnant .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1_none_0b596e2a33be7d4c\asian lingerie lesbian Ôï .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.1_none_f42978969c79336a\american beastiality xxx masturbation .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\japanese nude blowjob [milf] .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\danish beastiality horse voyeur feet shower (Sarah).zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\indian handjob fucking full movie (Samantha).rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.1_none_f3b35d713ce0fc7f\porn lesbian girls glans latex .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_en-us_bfae5918c0443f83\american fetish blowjob full movie granny (Sandy,Sylvia).avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.1_none_a7ad1894592cfa12\swedish cumshot horse hot (!) (Melissa).mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\swedish fetish gay uncut balls .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SystemResources\Windows.UI.ShellCommon\SharePickerUI\swedish nude horse public traffic .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\french fucking uncut titts upskirt .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\italian horse beast sleeping titts pregnant .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ces-ime-eashared-lm_31bf3856ad364e35_10.0.19041.1_none_3d0229d17c310f10\swedish kicking blowjob public (Tatjana).zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\chinese gay licking circumcision .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\swedish beastiality trambling [free] blondie .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\SharedFileCache\brasilian cumshot beast lesbian upskirt .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\brasilian cumshot lingerie girls titts balls .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5021dd18efc0460c\swedish kicking gay [bangbus] glans .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..s-ime-eashared-ihds_31bf3856ad364e35_10.0.19041.1_none_e8996b7d3512363f\japanese cumshot xxx lesbian black hairunshaved (Sandy,Sarah).mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.964_none_1c1a193f5bfcf136\french horse [milf] traffic .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\fucking sleeping cock castration (Liz).mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\black cum lesbian licking .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\security\templates\lesbian hot (!) .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\swedish cum horse big swallow (Ashley,Melissa).mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.84_none_81616275259e37fe\african blowjob girls high heels .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.844_none_57eddd48e7a74274\canadian hardcore full movie hole .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\malaysia fucking masturbation .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_it-it_4c5922428a6f2d08\italian kicking gay several models .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.572_none_cf90e12518baac85\norwegian xxx lesbian granny .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_en-us_215194e2327a46ac\asian beast hot (!) girly .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_es-es_30d7585a049f5b52\norwegian bukkake masturbation beautyfull .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_10.0.19041.1_none_4c786ae2f508e6d5\horse big .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_ee7ea14f7d8a3ee3\kicking horse hidden glans .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-h..public-utils-shared_31bf3856ad364e35_10.0.19041.1_none_19d22204a1f3fcaf\fetish blowjob girls ash .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\italian fetish beast full movie castration .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1288_none_ca3007304990b2ea\fucking hidden sweet (Britney,Jade).mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_uk-ua_5b152a8d329397ec\french xxx big hole circumcision .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\blowjob big .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.746_none_ab42fb092bda9182\cumshot gay full movie .mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.844_none_855aff45853749ef\african blowjob [free] mature .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_62312bfbb33d478a\action blowjob public traffic .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.1266_none_7916f7558927ae23\beast voyeur latex .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\CbsTemp\italian gang bang horse full movie (Karin).rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\swedish fetish beast lesbian bondage .rar.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\british horse hot (!) hole upskirt (Janette).zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\japanese cumshot trambling voyeur cock (Britney,Tatjana).mpeg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_d38ece58f77171b4\italian cum hardcore masturbation hole shower .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\kicking fucking voyeur glans .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\indian nude fucking sleeping hole girly (Karin).avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_it-it_bdb6c49fcea35732\asian trambling big titts .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\kicking hardcore licking wifey .zip.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-devdispitemprovider_31bf3856ad364e35_10.0.19041.867_none_c29826784f9429f8\norwegian xxx uncut hole .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\brasilian action gay masturbation .avi.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
File created	C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\indian handjob lingerie lesbian cock blondie .mpg.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

pid	process
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1560	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1560	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
788	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
788	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
232	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
232	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1376	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1376	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
5112	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
5112	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1652	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1652	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
828	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
828	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1560	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1560	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3360	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3360	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1368	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1368	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
788	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
788	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
1684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
364	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
364	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4904

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2844

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4344

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:788

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:3360

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:1180

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:5432

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:10432

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
9⤵
PID:6416

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:13196

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:20788

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:7052

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:18512

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:8508

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:16932

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:12080

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:3380

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:6616

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:17556

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:8452

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:17440

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:12928

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5900

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:9480

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:5748

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:13292

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7704

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:18064

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8276

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16940

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13448

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:4848

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5408

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:11240

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:13060

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:6980

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:17764

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8500

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16272

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13376

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:4296

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7868

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:12904

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8284

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:5764

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13568

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6148

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10804

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13180

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:15616

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8372

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17432

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13408

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1652

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:1452

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5544

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:11248

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:12972

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:15224

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:9908

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7288

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:17504

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8300

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16984

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13536

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:4580

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7828

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:17632

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8252

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16496

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13552

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6004

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:11172

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13116

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7780

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:7848

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:400

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8268

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:4728

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13584

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:4064

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5480

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10168

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16360

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13260

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:9152

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6048

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:18520

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8548

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:4188

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13328

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:4316

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:11224

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:20972

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:12956

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:16308

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6920

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:17696

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8484

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:16860

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:12996

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:15216

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:2680

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4684

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:232

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:888

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5648

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:10152

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:16692

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:13244

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:14848

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7320

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:17996

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:1372

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:3084

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:11524

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13044

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:19840

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:3588

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7892

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:17460

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8228

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:17540

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13528

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6504

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8704

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16992

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13392

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8428

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17488

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13400

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:4396

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5424

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10444

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:19848

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13204

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:14868

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:7060

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17468

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8532

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16616

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13284

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:1216

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6388

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10932

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13164

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:14372

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8404

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16852

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:12948

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:14932

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:4736

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6080

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:9488

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17988

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13268

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8564

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5836

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:12616

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1376

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:3144

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5604

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10504

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:11304

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13100

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:21040

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:7196

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17964

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8308

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16504

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13432

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:2848

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:10312

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:6460

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13220

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:15620

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6380

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:9496

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16672

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:4160

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8412

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:18504

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:11568

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:364

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:5488

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:10320

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:14832

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13752

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13228

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6912

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:3480

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6632

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8324

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:19300

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13416

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:2396

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8364

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:18056

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13592

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:6608

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:17496

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:8460

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:16876

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:12844

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3896

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1684

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:1368

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:3964

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5440

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:11232

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
8⤵
PID:20384

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:12964

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:14308

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:20408

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7140

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:18528

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8556

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16884

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13344

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:2548

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7084

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:17512

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8540

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16900

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13336

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5916

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10484

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:10048

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:12988

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:15348

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:7204

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:7712

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:2068

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8196

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8020

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:11508

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13076

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:20216

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:3248

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5472

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:2200

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:20224

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:12980

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:15104

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:15912

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:7280

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5780

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8212

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17164

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13576

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:5040

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6952

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:19380

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8492

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16528

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13352

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6036

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:10916

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:19916

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13124

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:7420

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:7884

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:3136

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8244

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:16284

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13028

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:15244

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:14492

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:828

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:1392

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5416

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10144

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
7⤵
PID:16868

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13236

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:14812

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:7148

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:3212

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8524

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16516

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13308

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:4244

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6512

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:18568

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8444

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16892

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13320

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:5940

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:11012

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13132

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8712

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8356

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5808

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:11532

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13068

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:19996

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:1752

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:5512

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:10664

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:21032

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13092

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:20716

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6872

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:17860

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8204

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8120

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:11540

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13052

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:19864

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:2460

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6400

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:10624

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13188

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:14572

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8420

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:16948

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13004

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:15092

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8040

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:5908

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:10924

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:11688

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13156

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:14148

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:7696

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:16956

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:8236

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:16976

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:11548

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:13036

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:4332

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1560

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:5112

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:2128

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5464

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:10940

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:13140

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:8792

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:1128

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5724

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8220

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16964

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:11164

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:19316

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13108

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6928

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:1532

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:6756

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17520

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:8468

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:17000

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13368

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:5864

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:9780

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:16580

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13276

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:7688

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:4376

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8260

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:3148

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13560

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:3340

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:5308

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:11516

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13084

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:21048

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6764

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:17480

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8476

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:19180

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13020

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:2440

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8396

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:17820

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13544

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:6192

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:10996

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13148

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8580

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:8380

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:17548

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:13424

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
PID:896

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:3668

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:5456

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:10160

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
6⤵
PID:5588

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:13252

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:7164

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:2948

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8316

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:16712

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13300

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:1920

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:7124

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:5784

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8516

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:16316

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13384

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:5932

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:10424

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
5⤵
PID:19308

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13212

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:14816

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:7720

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6340

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:8292

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:17684

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:13440

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
PID:3864

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:5448

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:10840

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:13172

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:8012

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:7156

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:17844

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:8572

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:6216

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:13360

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
PID:644

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:8388

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
4⤵
PID:17156

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:12940

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
PID:6496

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:19052

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
PID:8436

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
3⤵
PID:5788

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
PID:13012

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
PID:15236

C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe"
2⤵
PID:16416

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\italian kicking hardcore big sweet .zip.exe
Filesize
1.9MB

MD5
c4b16817b827fa6184276d0be9638483

SHA1
340a92552d62329abf6bc959648626f9c30cf587

SHA256
4c334cb9be90ab4e215ee33b32697b3dc0ee75d5ffdda74f20d284937dd685b9

SHA512
b3540dc277aee25d446c7ce9ce9a72942a4362fd93f6bdddee36d04f662ddee7713e0b35fd520b966704929f7609cc8279cc09d17033fa84320769684f6d3054

Download Submit
C:\debug.txt
Filesize
146B

MD5
6ab047ae99879b36090f422537b15a61

SHA1
ef7fed7ebe958750df1b50e8628cc483b15890a3

SHA256
72b73f804d7495020ab4c7ac1d022cfd177800ff57ad2fb891c1e4e8a85c3f66

SHA512
2caebacf2434e3fb79221dc0d380640eb3ddd79a1fd78e5a8df88961b0d33926f81cb9261e9ecab20141857bafcbbac5b917c2e969abcf3875e6161984b8438a

Download Submit
memory/232-185-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/364-192-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/644-208-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/828-189-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/888-195-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/896-186-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1128-240-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1180-202-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1216-205-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1368-191-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1452-201-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1560-171-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1652-188-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1684-176-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/1752-197-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2128-200-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2440-206-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2460-204-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2844-32-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3144-196-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3248-199-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3340-198-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3360-190-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3480-244-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3588-207-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3864-194-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3896-155-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/3964-203-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/4344-149-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/4396-193-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/4684-170-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/4904-0-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5112-187-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5424-209-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5448-211-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5456-210-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5480-214-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5488-215-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5512-212-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5544-213-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5604-216-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5648-217-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5864-218-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5908-219-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5916-220-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/5932-221-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6036-222-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6048-243-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6080-223-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6192-224-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6388-225-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6400-226-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6496-228-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6504-227-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6512-229-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6608-230-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6616-231-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6756-232-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6764-234-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6872-245-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6920-233-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6952-235-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/6980-236-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7052-237-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7084-241-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7124-238-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7148-239-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7156-247-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7164-242-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7196-246-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7320-248-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7688-249-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7696-256-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7704-250-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7712-251-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7720-252-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7828-253-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7848-254-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7868-257-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7884-255-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/7892-258-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8196-259-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8204-260-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8212-272-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8220-261-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8228-273-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8236-262-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8260-265-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8268-266-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8276-267-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8284-268-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8292-269-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8300-270-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8324-263-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8372-264-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/8396-271-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download

description	pid	process	target process
PID 4904 wrote to memory of 2844	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 2844	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 2844	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 4344	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 4344	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 4344	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 3896	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 3896	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 3896	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 4684	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 4684	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 4684	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 1560	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 1560	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 1560	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 788	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 788	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 788	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 3896 wrote to memory of 1684	3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 3896 wrote to memory of 1684	3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 3896 wrote to memory of 1684	3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4684 wrote to memory of 232	4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4684 wrote to memory of 232	4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4684 wrote to memory of 232	4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 1376	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 1376	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 1376	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 896	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 896	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 896	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1560 wrote to memory of 5112	1560	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1560 wrote to memory of 5112	1560	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1560 wrote to memory of 5112	1560	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 1652	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 1652	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 1652	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 3896 wrote to memory of 828	3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 3896 wrote to memory of 828	3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 3896 wrote to memory of 828	3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 788 wrote to memory of 3360	788	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 788 wrote to memory of 3360	788	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 788 wrote to memory of 3360	788	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1684 wrote to memory of 1368	1684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1684 wrote to memory of 1368	1684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1684 wrote to memory of 1368	1684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 364	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 364	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 2844 wrote to memory of 364	2844	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4684 wrote to memory of 4396	4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4684 wrote to memory of 4396	4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4684 wrote to memory of 4396	4684	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 3864	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 3864	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4904 wrote to memory of 3864	4904	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 232 wrote to memory of 888	232	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 232 wrote to memory of 888	232	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 232 wrote to memory of 888	232	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 4064	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 4064	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 4344 wrote to memory of 4064	4344	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1376 wrote to memory of 3144	1376	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1376 wrote to memory of 3144	1376	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 1376 wrote to memory of 3144	1376	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe
PID 3896 wrote to memory of 1752	3896	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe	2cddbf2a060d3651b7eadebd90ee5bf56442182a0bb5a71c5506d3d03cc602bf_NeikiAnalytics.exe