327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b

Analysis

max time kernel
84s
max time network
126s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:33

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
Size

36KB
MD5

b1bb2845282618f5f93e903e05831e20
SHA1

48506d020d487fdb0728b715354e00852c5919d7
SHA256

327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b
SHA512

7d7826d0803dfb1681617700cbd1afc22574cd8c176ffd94a402f9ef040433ffc7038a490971a911c33553038557463a03776dec164e342643413327c1277199
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBN2TQ1nrq9SBotHL/XBotHL/k:W7BlpppARFbhknr7BotHDXBotHDk

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2204) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sl-SI\tipresx.dll.mui.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_PreComp_MATTE_PAL.wmv.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management-agent.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\MST7.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\InputPersonalization.exe.mui.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\PreviousMenuButtonIconSubpi.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\plugin2\npjp2.dll.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guayaquil.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\include\win32\bridge\AccessBridgeCalls.c.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Saipan.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.properties.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.sat4j.core_2.3.5.v201308161310.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\klist.exe.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\NavigationRight_SelectionSubpicture.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsMainToScenesBackground.wmv.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\dcpr.dll.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winClassicHandle.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\NavigationUp_ButtonGraphic.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-core.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\ShapeCollector.exe.mui.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\babyblue.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\glass.dll.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Mazatlan.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rainy_River.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-core-ui.xml.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msdaprsr.dll.mui.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\1047x576black.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer_3.2.200.v20140827-1444.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pt-br.txt.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-text.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\th.txt.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_zh_CN.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\ShadesOfBlue.jpg.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Andorra.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.core.databinding.nl_ja_4.4.0.v20140623020002.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\Panel_Mask_PAL.wmv.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\te.pak.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\sunmscapi.dll.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Tunis.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\Timeline.dll.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado20.tlb.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\dragHandle.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\installer.dll.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-autoupdate-services.xml.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\org-netbeans-core-windows_visualvm.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusalm.dat.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\LICENSE.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.garbagecollector.nl_ja_4.4.0.v20140623020002.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fontconfig.bfc.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\lt.txt.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_rightarrow.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\stopNetworkServer.bat.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\fonts\LucidaSansDemiBold.ttf.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-autoupdate-ui_ja.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Microsoft.Ink.dll.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationLeft_SelectionSubpicture.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\4to3Squareframe_VideoInset.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\16_9-frame-highlight.png.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.css.swt_0.11.101.v20140818-1343.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-openide-awt.jar.tmp	327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\327614ecbf369a3a766bb48b3077d61cf3af57069c0f96a552fa5f4d21eed23b_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2056

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp
Filesize
36KB

MD5
f9f4ddbf85e8f000e4c667b4ecb20028

SHA1
a79c270b59381908be9831b13ac60af3a2bc72ee

SHA256
734b968482b4ee32dcd6364d7c44e178db9594a2f65de80ba5bcf2a892f045d8

SHA512
831e5523b9202b8bfdac33d4ea66273a0f7dae069dab536bf94769547766cf12c05c142e290ef2b8817602f7e0cd9a5d3ce5bac77d4fa6095afb352589c8aebd

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
45KB

MD5
cdd3d1e1db4e28ad16d8feb0bf7d2738

SHA1
0c9256402bde26bbe5d22df85f6b82e843621dc2

SHA256
2d81d0048a7002cf6b39ec6238e7030703cff24b26e2de5bdfa71f20c2436b5f

SHA512
7d9dd024a3d8db5684e96e3ecf056c73be452af9a2dade1b5707d319f40e660faec397101a57b635c7191660e7a279848aa4877313a9ae5e93a0d50469c3ec6e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads