331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5

Analysis

max time kernel
123s
max time network
118s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:46

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
Size

38KB
MD5

3f654599d7f06ef814abc936dccaea70
SHA1

1069433ba3cdd3406abe348c3e17364039281931
SHA256

331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5
SHA512

5961403b03ba2561d101505c8fcd591c03aae7f82a71ef7e42a951c2f68cbefe71ad49ef689e929dc0d42e76cc152e1bf690ef55d16de4d9bc0d68cc7484a57f
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBN2TqXSg4vm3lXSg4vm3JF0FM:W7BlpppARFbhaKM

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2846) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\javax.annotation_1.2.0.v201401042248.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-tabcontrol_ja.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\nssckbi.dll.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\oledb32r.dll.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationLeft_SelectionSubpicture.png.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\LogoBeta.png.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\en-US\MSTTSFrontendENU.dll.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\btn-next-static.png.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\1423861261279.profile.gz.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\es-ES\Minesweeper.exe.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\More Games\it-IT\MoreGames.dll.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msdaprsr.dll.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\locale\jfluid-server_zh_CN.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Indian\Mahe.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\ant-javafx.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-lib-uihandler.xml.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Porto_Velho.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Vladivostok.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Niue.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-uihandler_zh_CN.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Ust-Nera.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jabswitch.exe.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.commands.nl_zh_4.4.0.v20140623020002.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ust-Nera.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\es-ES\bckgzm.exe.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-string-l1-1-0.dll.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqloledb.rll.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\WMM2CLIP.dll.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\ExpandSkip.scf.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Reykjavik.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.historicaldata.ja_5.5.0.165303.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\javafx.policy.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Sand_Paper.jpg.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipssrl.xml.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.core\cache\binary\com.oracle.jmc.executable.win32.win32.x86_64_5.5.0.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-attach.xml.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_VideoInset.png.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Brisbane.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\UTC.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsplk.xml.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.ssl.feature_1.0.0.v20140827-1444\feature.xml.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\sqlxmlx.rll.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\btn-next-static.png.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.batik.css_1.7.0.v201011041433.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings.nl_ja_4.4.0.v20140623020002.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Indian\Maldives.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.Services.Client.resources.dll.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-9.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\org-netbeans-modules-profiler-api.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_specialocc_Thumbnail.bmp.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\es-ES\oledb32r.dll.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\tr.pak.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.artifact.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\tr-TR\tipresx.dll.mui.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\management\jmxremote.access.tmp	331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\331d9ab0f6b9c74fced691f0e533bdc35b5e993ac1de7a002d2c4999a4da73f5_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2984

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-268080393-3149932598-1824759070-1000\desktop.ini.tmp
Filesize
39KB

MD5
694de9e7ab5fe1a1c0c042f5e0d05fd7

SHA1
7afee6d732bab7e196be259ccedf2739edb9cdcc

SHA256
3ddab0c56432e359199c62d3470d16a8738905ed594f95e00e38fbbe35cef25f

SHA512
13e55ac6b95ceace55d0d9b81851a5d3bc908caf2e01745fd48a083b13776b3bba36c05e001129d5b3e42e1a8e6be358e83e8158ff2ac83177828d43f7d9b657

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
48KB

MD5
ca4e4f5de47fc74b46214c0eafa5f119

SHA1
795990be03c7c7dbba53ebdc394fb8a760cc90f4

SHA256
716e1e04ffbd202803a21581dabee9531c9700c0a91f37b4285376c935d26954

SHA512
e6b342dd23b4828ae5b422c5f1cccbdd454c9016bf87c210eeef21b370a23ced0d4ce56a01e7a92474f49f5fb25d55b4ac252b167459a2de1442d090663292f5

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads