2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175

Analysis

max time kernel
134s
max time network
52s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
01-07-2024 02:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Size

1.7MB
MD5

49bf127014a8472adecf4901d40d3570
SHA1

b26cb6b124ea8b255ec0576a3ffc3705827582a9
SHA256

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175
SHA512

5171d1d577af3b6571c348baf2619e87fb39a43dca481a6c0a3bed93e8134795326d8105f0e210e56d4f36befc6944c899dee7b82dd09a5eea9fa6262f2acb48
SSDEEP

49152:V2TjXNmpxly/TGwdRL1JrFf3kai5Ret99t/:0jX4Vy5nrFf3ktvet9f

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Checks computer location settings 2 TTPs 10 IoCs

Looks up country code configured in the registry, likely geofence.

Query Registry

T1012

System Information Discovery

T1082

Processes:

description	ioc	process
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
Key value queried	\REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

description	ioc	process
File opened (read-only)	\??\I:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\P:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\X:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\A:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\J:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\O:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\R:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\U:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\B:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\H:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\K:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\L:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\M:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\N:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\S:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\E:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\G:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\T:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\V:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\W:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Drops file in System32 directory 12 IoCs

Processes:

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\SysWOW64\IME\SHARED\cum catfight black hairunshaved (Sylvia,Liz).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\japanese animal hidden titts YEâPSè& .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\cumshot cumshot catfight fishy .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\black kicking horse full movie redhair .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\SHARED\japanese gay animal sleeping feet .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\chinese beastiality kicking big mistress .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\System32\DriverStore\Temp\german horse several models cock girly .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\porn gay lesbian .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\WebDownloadManager\canadian handjob uncut penetration .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\gay gang bang hidden high heels .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\WindowsPowerShell\v1.0\Modules\SmbShare\porn hot (!) girly (Sylvia).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\black xxx girls (Sarah,Curtney).rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Drops file in Program Files directory 18 IoCs

Processes:

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\gang bang full movie sm (Christine).rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\hardcore hidden boobs .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\WindowsApps\Microsoft.WindowsMaps_5.1906.1972.0_x64__8wekyb3d8bbwe\Assets\Images\PrintAndShare\asian blowjob catfight ash .zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\WebResources\Resource0\static\js\plugins\unified-share\gay bukkake catfight YEâPSè& (Sandy,Jade).rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\dotnet\shared\horse voyeur femdom (Jenna).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft SQL Server\130\Shared\danish porn lesbian licking (Curtney,Sonja).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft SQL Server\130\Shared\sperm fetish [free] hotel (Curtney).mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\IDTemplates\indian cumshot catfight legs .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft\EdgeUpdate_bk\Download\french sperm sperm sleeping .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft\Temp\gay masturbation granny .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\Templates\handjob hidden legs latex .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\indian action licking .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\Microsoft Shared\black gang bang [bangbus] nipples balls .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\tyrkish horse lesbian girls vagina mature .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\microsoft shared\handjob masturbation bedroom (Liz).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Updates\Download\tyrkish gang bang uncut .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\nude several models (Jade,Melissa).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\indian hardcore beast [bangbus] .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Drops file in Windows directory 64 IoCs

Processes:

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\danish beastiality gang bang uncut .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.928_none_33e0d5558cdd7c61\porn hidden castration (Britney).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_en-us_310bfb76047869ad\black trambling lesbian catfight swallow .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_5fdc43acc1be690d\french porn lesbian legs (Sylvia).avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.1_none_5d54c0aac5c3c12c\chinese fetish trambling several models high heels (Jenna).mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\tyrkish kicking kicking [bangbus] ash girly .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\InputMethod\SHARED\chinese sperm xxx big leather .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\italian trambling [milf] .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_it-it_4c5922428a6f2d08\american bukkake hot (!) .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.844_none_67b5915b5651dd8a\british horse cumshot hot (!) swallow .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..se-shared-datafiles_31bf3856ad364e35_10.0.19041.1_none_2f5f00d280dce9f6\fetish girls (Tatjana).avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_ja-jp_ee7ea14f7d8a3ee3\beastiality girls .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..nearshareexperience_31bf3856ad364e35_10.0.19041.1_none_0b596e2a33be7d4c\american lesbian bukkake masturbation (Ashley,Janette).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-m..ineshared.resources_31bf3856ad364e35_10.0.19041.1_en-us_99ddc8ce8d3d6dac\russian fucking lesbian big boobs shoes .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\japanese gay hidden balls .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..utionservice-shared_31bf3856ad364e35_10.0.19041.1_none_0bc0f3d4cd7dc8fd\spanish handjob [free] titts bondage .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_10.0.19041.1_none_de1581e9a275faf8\handjob hidden Ôï .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.1_none_833abdc06c68d338\german horse cum several models girly .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_10.0.19041.746_none_ab42fb092bda9182\danish sperm girls .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.1_none_f42978969c79336a\fucking public penetration .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_de-de_16bd831fd16633be\lesbian action several models circumcision .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\security\templates\gay bukkake [free] .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\asian cum several models bondage (Jade).rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SystemApps\Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy\webapps\inclusiveOobe\view\templates\british hardcore sleeping ash swallow .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_10.0.19041.1_none_f07d4fae3e8e883f\trambling lesbian (Curtney).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-h..public-utils-shared_31bf3856ad364e35_10.0.19041.1_none_19d22204a1f3fcaf\german beast lingerie [milf] bondage (Christine,Ashley).avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.1266_none_7916f7558927ae23\gay [milf] .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1151_none_fbdc4c5f677dc2ec\sperm sleeping cock blondie (Christine,Kathrin).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_es-es_211cf1c632a13851\african fucking hardcore sleeping high heels (Sandy,Jenna).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_c3d467c525734eb3\swedish lingerie voyeur ash young (Karin,Jenna).rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.1_none_f3b35d713ce0fc7f\spanish handjob girls pregnant .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.1_de-de_881b257d159a5de8\porn sleeping sm .zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ces-ime-eashared-lm_31bf3856ad364e35_10.0.19041.1_none_3d0229d17c310f10\tyrkish animal hidden shoes .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_10.0.19041.746_none_1bbb9ab9fc52bac9\asian nude voyeur boobs swallow (Anniston).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\black blowjob hidden gorgeoushorny .zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\japanese horse horse [milf] nipples mature .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-composable-sharepicker_31bf3856ad364e35_10.0.19041.1_none_c87e96327faffd0e\beastiality lesbian nipples mistress .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SystemResources\Windows.ShellCommon.SharedResources\bukkake big leather (Tatjana).avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-a..gement-uevtemplates_31bf3856ad364e35_10.0.19041.1_none_0d66b54875835a49\sperm [free] black hairunshaved (Jade).avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..ashared-filemanager_31bf3856ad364e35_10.0.19041.844_none_855aff45853749ef\swedish sperm masturbation circumcision .zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_it-it_adfc5e0bfca53431\malaysia gay cumshot full movie ash .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-eashared-imebroker_31bf3856ad364e35_10.0.19041.84_none_81616275259e37fe\porn hot (!) ash beautyfull .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_10.0.19041.844_none_57eddd48e7a74274\spanish lesbian licking black hairunshaved .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_fr-fr_62312bfbb33d478a\french action masturbation stockings (Liz).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-h..public-utils-shared_31bf3856ad364e35_10.0.19041.1202_none_d8a1416ab7cccdcf\bukkake blowjob [milf] wifey .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\french cum big hole circumcision .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\italian action sperm big ash .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.1_de-de_7860bee9439c3ae7\italian sperm bukkake masturbation .zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_10.0.19041.906_none_ef0e010d1381269b\brasilian porn lingerie [bangbus] (Gina,Gina).rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_en-us_bfae5918c0443f83\xxx animal public traffic .mpeg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_10.0.19041.1_none_8c0b126c198fcf70\german hardcore hardcore sleeping shower (Britney).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_hyperv-compute-cont..ce-shared.resources_31bf3856ad364e35_10.0.19041.867_en-us_49453482f1fb5356\cumshot public nipples bondage (Britney).mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-onecore-sharehost.resources_31bf3856ad364e35_10.0.19041.789_en-us_58ebf9ecc407e3c0\norwegian nude animal hidden Ôï .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..e-eashared-moimeexe_31bf3856ad364e35_10.0.19041.746_none_d01527cffa9c25bc\indian xxx girls wifey .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_10.0.19041.1_es-es_bf79b5fcc06b3128\italian xxx public leather .mpg.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_10.0.19041.1_none_a7ad1894592cfa12\italian hardcore public (Christine).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-manager-shared_31bf3856ad364e35_10.0.19041.153_none_e23c926e32d07dc1\blowjob trambling masturbation .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-i..ore-shareexperience_31bf3856ad364e35_10.0.19041.964_none_1c1a193f5bfcf136\sperm catfight hole penetration (Jade).avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\fetish kicking public titts sweet .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\assembly\temp\indian horse nude public high heels .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_10.0.19041.1_none_4c786ae2f508e6d5\beast lingerie [milf] boots (Britney,Anniston).zip.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\WinSxS\amd64_microsoft-windows-hvsi-service-shared_31bf3856ad364e35_10.0.19041.1_none_3cfd44d351b1a8ab\porn kicking [milf] .avi.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\SharedFileCache\swedish beastiality girls nipples .rar.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 62 IoCs

Processes:

2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

pid	process
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1448	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1448	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1480	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1480	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3492	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3492	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4188	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4188	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3416	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3416	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3112	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3112	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2516	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2516	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4636	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4636	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4208	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4208	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4288	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
4288	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2180	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
2180	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1448	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1448	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3492	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
3492	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1480	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
1480	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 63 IoCs

Processes:

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
1⤵
- Checks computer location settings
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:5060

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3904

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2400

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1448

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:4208

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:2624

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:5468

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:9632

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
9⤵
PID:13860

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
9⤵
PID:21424

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:11372

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:15288

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:6688

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:18364

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:8788

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:14964

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:12896

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:11516

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15264

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:748

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:7536

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:15132

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:11804

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15424

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:21616

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:5916

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:11860

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15760

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:7968

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:1364

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11740

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15464

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:21608

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:4316

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:5492

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:11524

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:14784

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:6644

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:17308

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:8720

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:14752

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:12464

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11684

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15400

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:4560

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:8680

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15068

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11636

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15344

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17132

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5860

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:13060

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15704

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:22124

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7904

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:16556

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:21772

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11772

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15816

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3416

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:4568

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:5800

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:12440

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:16060

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:6896

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:17260

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:9484

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:13328

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:16124

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11380

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15148

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:4520

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:8712

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:14996

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11628

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15752

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5908

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:12368

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15784

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17120

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7944

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14476

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11756

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15352

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:22116

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:4424

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5500

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:9736

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:14736

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:12888

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11356

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15208

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7220

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17276

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:9976

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11348

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15172

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:4816

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8572

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:3816

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11644

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15480

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:21580

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5844

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:12424

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15964

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:7892

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15060

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11780

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15408

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:21564

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4528

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2516

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:4488

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:5484

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:8928

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:13452

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
8⤵
PID:16084

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:11404

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15304

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:21572

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:6796

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:16688

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:8944

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15052

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11452

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15824

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:2812

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:8552

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:20440

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11660

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11312

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5884

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:12376

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15744

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7920

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:16680

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:21788

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11872

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:16076

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:1028

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5748

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:13048

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:16052

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:6888

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17324

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:9212

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15044

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11396

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15720

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:4948

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7528

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15076

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11556

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15416

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:17152

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5932

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:12360

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15776

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:8056

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15108

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11700

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15728

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:4188

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:4452

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5392

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:9660

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15012

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11364

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15164

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:6636

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:20424

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8704

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14760

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:12520

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11596

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15440

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:16492

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:2792

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:9536

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14792

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11388

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15156

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5924

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:12448

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15848

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:7984

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:14908

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11732

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15832

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:3812

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5404

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8852

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14972

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11508

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15736

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:6672

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:17284

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:8780

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:14920

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11500

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15328

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:4468

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:7576

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:16656

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:21780

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11796

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15432

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:13740

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:5940

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:12384

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15792

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:7976

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:3328

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:11716

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:15448

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:17796

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:5088

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:3492

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:4288

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:2628

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:5740

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:11532

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:16044

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:6880

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:20448

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:9168

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:15116

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11444

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15196

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:4048

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:7644

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:16696

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11788

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15456

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17200

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5900

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:12416

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15840

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7928

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14776

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:12536

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11724

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15472

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:22048

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:2712

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5476

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:10152

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:13192

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11340

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14956

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:6812

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17300

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8908

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15004

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:13260

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11476

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15320

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:1604

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8616

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15028

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11888

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:16068

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5892

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:12400

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15936

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:7936

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5756

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11676

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15392

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:16428

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:4636

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:4388

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5420

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11580

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15216

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:6664

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17316

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8808

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14556

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11588

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15240

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:3792

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7520

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:16984

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11540

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15272

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5836

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11572

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15248

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:7960

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:14988

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11692

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15376

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:17156

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:2508

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5444

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8968

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14744

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:12900

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11412

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15800

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:6652

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5428

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:8728

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:14900

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11620

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:13560

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:17144

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:3500

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:7512

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:16672

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11564

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15232

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:5852

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:12408

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15972

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:7952

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15092

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:11748

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:15368

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:17140

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
- Checks computer location settings
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1480

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2180

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:836

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:5660

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:8984

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
7⤵
PID:14528

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:11460

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15188

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:6788

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17368

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8936

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:14768

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:12488

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11492

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15124

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:352

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:1856

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:7500

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:17268

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11316

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:14612

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5956

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:13080

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15712

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:8004

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15036

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11708

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15384

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:17160

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:2108

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5508

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8976

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:15020

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:13220

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11420

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15312

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:6804

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:17292

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:9176

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:14620

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:13180

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11428

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15180

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:2088

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:7544

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:17244

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11548

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15768

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:5868

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:12392

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15944

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:8036

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15336

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:11880

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:16788

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:3112

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:380

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:5652

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:8952

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:13460

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
6⤵
PID:16664

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:11484

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15224

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:6828

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15140

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:9584

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:14500

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:12060

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11332

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:14668

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:1428

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:8020

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:15084

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11652

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:15256

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:5876

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:12456

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:16636

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:17168

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:7912

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:20432

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:11764

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:15808

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
PID:392

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:5716

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:10124

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
5⤵
PID:21588

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:11324

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:14584

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:6780

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:17252

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:8900

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:14728

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:12304

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:11468

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:15280

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
PID:1176

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:8960

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
4⤵
PID:14980

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:11436

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:15296

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:16584

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
PID:5948

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:12432

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:15856

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
PID:8012

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
3⤵
PID:3832

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
PID:11668

C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe"
2⤵
PID:13672

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\gang bang full movie sm (Christine).rar.exe
Filesize
536KB

MD5
c0a50486d1a7eb4742af7406482f2be3

SHA1
1cbc2f89c94245ffe4e4890c554e8a0edbd33aed

SHA256
83bbff90702be8666ac8aaaed86fa6f254d3c7d8c723f1b78c9cbb027ef030ab

SHA512
4392b523498fd327ddc593e86cc233222bbb06bf97956cf984fdc9b94a16a15278546a9e79d4bebd82a20c0d8f11be1439e8935d8b1cb49552a5df08b5a55231

Download Submit

description	pid	process	target process
PID 5060 wrote to memory of 3904	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 3904	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 3904	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 2400	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 2400	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 2400	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 5088	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 5088	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 5088	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 4528	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 4528	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 4528	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 1448	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 1448	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 1448	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 1480	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 1480	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 1480	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5088 wrote to memory of 3492	5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5088 wrote to memory of 3492	5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5088 wrote to memory of 3492	5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 4188	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 4188	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 4188	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 3416	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 3416	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 3416	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 3112	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 3112	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 3112	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4528 wrote to memory of 2516	4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4528 wrote to memory of 2516	4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4528 wrote to memory of 2516	4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5088 wrote to memory of 4636	5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5088 wrote to memory of 4636	5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5088 wrote to memory of 4636	5088	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 1448 wrote to memory of 4208	1448	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 1448 wrote to memory of 4208	1448	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 1448 wrote to memory of 4208	1448	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3492 wrote to memory of 4288	3492	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3492 wrote to memory of 4288	3492	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3492 wrote to memory of 4288	3492	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 1480 wrote to memory of 2180	1480	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 1480 wrote to memory of 2180	1480	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 1480 wrote to memory of 2180	1480	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 3812	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 3812	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3904 wrote to memory of 3812	3904	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 4424	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 4424	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 2400 wrote to memory of 4424	2400	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4528 wrote to memory of 1028	4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4528 wrote to memory of 1028	4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4528 wrote to memory of 1028	4528	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 392	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 392	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 5060 wrote to memory of 392	5060	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4188 wrote to memory of 4452	4188	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4188 wrote to memory of 4452	4188	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 4188 wrote to memory of 4452	4188	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3416 wrote to memory of 4568	3416	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3416 wrote to memory of 4568	3416	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe
PID 3416 wrote to memory of 4568	3416	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe	2fd0164c1549a37294a3ebcf00acdfff6c9e8c4e395cc9ff3eb18522a8faa175_NeikiAnalytics.exe

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads