3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:18

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
Size

57KB
MD5

374706074681a360f6890983e8431650
SHA1

135e9284620175748a99e3cd89fd6eb17c7698c6
SHA256

3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6
SHA512

27d7b02b4f8c0224c818693b2265df8e515e4f316ae32a4e1325d8bef0893816b5d3c42b65c6fb96bdf9a09ea3eb05f962dbbb39fa4c595618e3e3e870dafbf1
SSDEEP

768:W7BlpppARFbhbt7Y7zPhwyPhwdOwOWF/MF/bnCvX108S3ZCvX108S3G:W7ZppApIayan2T81m3a1m3G

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3613) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-host-views_zh_CN.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Madrid.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.ComponentModel.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Management.Instrumentation.Resources.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipTsf.dll.mui.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\DiagnosticsTap.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-swing-plaf.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-utilities.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Scoresbysund.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\lgpllibs.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\wab32res.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\F12Tools.dll.mui.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cancun.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\psfont.properties.ja.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\ONFILTER.DLL.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\ja\UIAutomationClientsideProviders.resources.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\120DPI\(120DPI)redStateIcon.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickLearningWizard.exe.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\HueCycle\NavigationUp_SelectionSubpicture.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Araguaina.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\es-ES\shvlzm.exe.mui.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\it-IT\SpiderSolitaire.exe.mui.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\dumpmeta.luac.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\PicturePuzzle.Gadget\Images\tile_drop_shadow.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrusash.dat.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Pets\Pets_image-frame-ImageMask.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_gray_thunderstorm.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\27.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waxing-gibbous_partly-cloudy.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Kerguelen.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\META-INF\ECLIPSE_.SF.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-core-io-ui.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_zh_HK.properties.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\si\LC_MESSAGES\vlc.mo.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipshrv.xml.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\email_initiator.gif.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscene_plugin.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net_1.2.200.v20120807-0927.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\ext\sunec.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\fonts\LucidaBrightDemiItalic.ttf.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\1.png.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\IpsMigrationPlugin.dll.mui.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Volgograd.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\gadget.xml.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\fr-FR\settings.html.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\META-INF\ECLIPSE_.RSA.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\sunec.dll.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\as_IN\LC_MESSAGES\vlc.mo.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\ja-JP\PhotoViewer.dll.mui.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\de-DE\settings.html.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\St_Johns.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-netbeans-modules-queries.xml.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyLocale_ko_KR.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.simpleconfigurator.manipulator_2.0.0.v20131217-1203.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help.ui.nl_zh_4.4.0.v20140623020002.jar.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-nodes.xml.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT+9.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Chuuk.tmp	3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3177afbe1b57a48e5339ea5ff2c1a91b1614416eb9f277e40edaf677466c08f6_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2104

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp
Filesize
58KB

MD5
325e0292974db01af0581156580e1ef9

SHA1
ee2314264f17de28f557f807f4737000f355a06c

SHA256
c7bec7c89825720d8d1d4cd29037c466e0fd0c61f4c923317698513dee8840a2

SHA512
3cbf3a1216520d84a17332661cebe89c92ff125c42276615f59489d20da09a26145b923fb25a740421f1f51df894ed968776f7cd03034475910c7992c27fe117

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
66KB

MD5
2fc517952fb97d6455b04cdfef7ad66b

SHA1
8fa2541a344f3e0d5bbb2af32ba81072ba8b8415

SHA256
66002672a29521b3acffe0b3178692626df0ad40f5514b1d971307ca6ef8b6dc

SHA512
261f80b4e9c61b882e5b34f6db975e0db582fffad2af35567201c6a9e96f3c4a2531075d618583e8e441c2431228c70a646f2712e6355144331bd8736bbc0e3b

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads