327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978

Analysis

max time kernel
149s
max time network
127s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
Size

93KB
MD5

56a2ba86938b6f9aa953be370dda83a0
SHA1

05cf4ea9285ffbc170b373ae21c00dc25f3750ef
SHA256

327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978
SHA512

ef9f3734130685d4ef33cee9973c9915654446baaf5f5fb6a9ff0f192759db22acb75ff35eb8dd5fcc53d513c137594b2fea6d689f03177776d3537271f5c3ec
SSDEEP

1536:W7ZppApUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFsAcEhZ:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsg

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3267) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Jamaica.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.zh_CN_5.5.0.165303.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.w3c.dom.svg_1.1.0.v201011041433.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\mshwLatin.dll.mui.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\jawt.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\servertool.exe.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Chisinau.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Samarkand.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\vocaroo.luac.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Green Bubbles.htm.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-spi-actions_zh_CN.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-loaders_ja.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\it-IT\MSTTSLoc.dll.mui.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Atlantic\Faroe.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-lib-profiler.xml.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Oral.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\oskpred\oskpredbase.xml.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.attach_5.5.0.165303.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.beans.nl_zh_4.4.0.v20140623020002.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-masterfs.xml.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Samarkand.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\plugin.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\dailymotion.luac.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.babel.nls_eclipse_ja_4.4.0.v20140623020002\feature.xml.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-api-caching.xml.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ext.txt.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2iexp.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\PYCC.pf.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-api-annotations-common.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Xml.Linq.Resources.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationRight_SelectionSubpicture.png.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\chrome.exe.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\javaws.policy.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msdaprst.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-spi-actions.xml.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\THIRDPARTYLICENSEREADME.txt.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.5\Workflow.VisualBasic.Targets.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.IdentityModel.Selectors.Resources.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pl.txt.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\DVDMaker.exe.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Glace_Bay.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.security.ui_1.1.200.v20130626-2037.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Honolulu.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\af.txt.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcommonlm.dat.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\msadcf.dll.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\CompareConvertTo.rar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\babypink.png.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt.nl_zh_4.4.0.v20140623020002.jar.tmp	327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\327ef6becaee1d8ae8b3b604e385d798c03f158cfb0bca547976b6b2edbba978_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2420

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-481678230-3773327859-3495911762-1000\desktop.ini.tmp
Filesize
93KB

MD5
b1368bafe31f4903309193de16677286

SHA1
ebe5f1b9517f6b0d007afbdfa7a989cae3d071cd

SHA256
2eb72ac9950a99a677d0721989b9d240b62df06568f5adbf090a7eaabb2d1632

SHA512
613e9490eb296ed0b4268148d83123ace2e4fba5b735a5194fbc3e667489f55ec65b3794588617456a521314ae34aafd2b043528d26d76595032feb971691ebe

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
102KB

MD5
2b91521e19679fc9a755565152a64edf

SHA1
7e57f01e0c2d4c91ceb1a814df2c1532a8d29027

SHA256
e401f5cedebed454f4033b10a56ca858a5a98210e3b08f7d2f4f0eb117d1cc48

SHA512
4b8d6dd26c0a088cf481849d60052db0e3ccba44e170d3bb050a2b25c4d9505cb835b2d96576c4908cec385e505ef4f89f8513fa9690c506bc55474ae8b2ebb1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads