334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce

Analysis

max time kernel
150s
max time network
124s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
Size

55KB
MD5

82efca0e8979c7121d04e1b32f48f380
SHA1

e0e21ef908baffd03b5800fa96ebcd3ab196068e
SHA256

334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce
SHA512

796b21ca2b2af3aac158b06e2eb1c977921c3bd73b2ec99074fb77902c2567dfee4a8c23ce085a9e23c51a7f8ad91c94488a548dbfe7584cef7bf68a5cdf2d0b
SSDEEP

768:W7BlpppARFbhbt7Y7zPhwyPhwdOwOWF/MF/fweJtv/bt9G2XO2XJPu:W7ZppApIayan2O

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3433) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jre7\LICENSE.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_imem_plugin.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libcc_plugin.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kaa.txt.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\sqmapi.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\glib-lite.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipskor.xml.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_delay_plugin.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+8.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Majuro.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\perfcore.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.commons.logging_1.1.1.v201101211721.jar.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-keyring.xml.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jp2native.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Madeira.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.zh_CN_5.5.0.165303.jar.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\MSBuild\Microsoft\Windows Workflow Foundation\v3.0\Workflow.Targets.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationRight_ButtonGraphic.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_SelectionSubpicture.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\modules\dkjson.luac.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\FlickLearningWizard.exe.mui.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Makassar.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\liboldrc_plugin.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationRight_ButtonGraphic.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\New_York.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Mazatlan.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\es-ES\bckgzm.exe.mui.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\16to9Squareframe_SelectionSubpicture.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\blackbars60.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Push\push_item.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-utilities_ja.jar.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Qatar.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Nauru.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Net.Resources.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\mip.exe.mui.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\15x15dot.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Nome.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\epl-v10.html.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\index.gif.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.ServiceModel.Resources.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libtdummy_plugin.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ro-RO\tipresx.dll.mui.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Yakutsk.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Australia\Hobart.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\modules\locale\org-netbeans-modules-profiler-selector-ui_zh_CN.jar.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\HeartsMCE.png.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-core-localization-l1-2-0.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\af\LC_MESSAGES\vlc.mo.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IpsMigrationPlugin.dll.mui.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\http.luac.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Workflow.Runtime.dll.tmp	334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\334e4867a327eb5df421cc14ec3f98ff8d93d8f4aeafe870b0f80c283f9ec2ce_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:340

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2297530677-1229052932-2803917579-1000\desktop.ini.tmp
Filesize
56KB

MD5
e7c64ca4b8343a324bb238006aa1afcc

SHA1
c9b5c396dc7e9f3ecfd1ddeb911ff05c9667a0a1

SHA256
342a6ed97eb02ff8ae0aaf4e650ca4e3af51d3c82ed1d7700556fb1c8e555a4b

SHA512
b58c86dfeb4eb7d3d0cc29c29282d6bf699e12133178d91a74158a399b31a19151189c2d55be55800acfae39aa29f211f5e18ef5cff1df2f8fc43bf29de532d0

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
65KB

MD5
8e0084bf06e53ab5c30a8a897647b839

SHA1
a230fc51b1739ad682bfc997b284c3128bf15216

SHA256
b5d0c221011711a0d9cde9a37f90d4274a607d7600f9a47443ca86a97079c86e

SHA512
3a40f5f0bfef729169669fac0e8e664b27b3f8f72cfd34b5c4e86fac037c13f5871216a0750769eb711c17df957888f3fd63c53b6603d4d5f53ec8214389524a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads