323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf

Analysis

max time kernel
142s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:30

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
Size

81KB
MD5

dd33ec33103ef8599816207d91ec06f0
SHA1

1c1fd287a24a570fa934c9a22f9e04141d55e0da
SHA256

323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf
SHA512

ccdaea4a82c3d3b5b82992d4b4493e615c9e96f88af880d528081625f3a3f58d571a5370c8068498c0b0dfe497649a79e44f71695ba74681c2697c087a269e07
SSDEEP

768:W7BlpDpARFbhYQkQjjIXYvPXzWPXzK3733uF4V7en5c5HChCrmh1444REXBwzEXO:W7ZDpApYbWjIoPyPoLzV7c6Sh1X0

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2839) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\toc.xml.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.ssl.feature_1.0.0.v20140827-1444\about.html.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-settings_ja.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-text.xml.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\jaccess.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-swing-tabcontrol.xml.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\de-DE\bckgRes.dll.mui.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\Microsoft.Build.Engine.resources.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\es-ES\msdaremr.dll.mui.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Nicosia.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Wake.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-io.xml.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Gambier.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\LICENSE.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationRight_ButtonGraphic.png.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\YST9YDT.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationRight_SelectionSubpicture.png.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Azores.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-windows_zh_CN.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\sunec.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Rome.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Notebook.jpg.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\MSTTSEngine.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\schema\triggerEvaluators.exsd.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-application-views_zh_CN.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\specialoccasion.png.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jsdt.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\eclipse_1655.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\org-openide-modules_zh_CN.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Enderbury.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fontconfig.bfc.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\installation_telemetry.json.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\maintenanceservice_installer.exe.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\ReachFramework.resources.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IdentityModel.Selectors.Resources.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sv.txt.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\rmiregistry.exe.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ktab.exe.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-loaders.xml.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME-JAVAFX.txt.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\Passport.wmv.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_ja_4.4.0.v20140623020002.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_ja.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\ja-JP\SpiderSolitaire.exe.mui.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\whitevignette1047.png.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.touchpoint.natives_1.1.100.v20140523-0116.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-remote_zh_CN.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\sqlxmlx.rll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes.nl_ja_4.4.0.v20140623020002.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Easter.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\System.IdentityModel.Resources.dll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jetty.util_8.1.14.v20131031.jar.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-host-remote.xml.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Troll.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\micaut.dll.mui.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaTypewriterRegular.ttf.tmp	323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\323c8da39fd43b3493f572fea68531edfd4e55061bc8ab0be5816eaed7711acf_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1304

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3691908287-3775019229-3534252667-1000\desktop.ini.tmp
Filesize
81KB

MD5
b5a4a0a4953a20725df65c4c0492df71

SHA1
404c4af77ae9745a2a644151058dd38adda93844

SHA256
ea2091576921dc828e0afdfb049d94982a5a9ff5748d387bfdade2171f48a3c9

SHA512
2946d4091df493f396697c237524cd2b4a7a96893d53c9e835df36e170600df2a87d02129702085e85d4cd4a02338bb59442420440a84836f158aba07ad2a19b

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
90KB

MD5
f2b37e5311c59ac1b8b010a3337fa36f

SHA1
6c99ec5a22044c98d1179e902fd344df5e54dcb2

SHA256
97ec31299607e756483f2081e1b4518f41a0e830848d1abc1068f735ec747fe8

SHA512
5780306b305bd248ebbcd4367cb3367c2ce61c9e6318e4023dd3fc9101c708b14da3cb64f19f5a34d4fd07ea2ab6f7a949d1d8c2cabc2ed50b724d9b23ab247c

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads