333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e

Analysis

max time kernel
149s
max time network
124s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
Size

37KB
MD5

79e95a0594c2d4a042132fb469fce3c0
SHA1

4d05da6972beb4517f4eecf50b82ccb54e9328f7
SHA256

333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e
SHA512

018f5f99e1a941b80d6e8d066354c2f30ecb4529059a40da33b0b9450a6741c063bf7ef458723d1cc7285d0876aca945ee9fe1ca75fde5bacb3bce95827ecd85
SSDEEP

384:GBt7Br5xjL9AgA71FbhvuNBN2TQ1nrSLmnsNw/NwLux:W7BlpppARFbhknrSLmsNw/Nwy

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3428) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\16_9-frame-background.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Magadan.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ru.txt.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\LICENSE.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\sa-jdi.jar.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_it.properties.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Krasnoyarsk.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\de-DE\SpiderSolitaire.exe.mui.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\15x15dot.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Cayman.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Amman.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk_1.0.300.v20140407-1803.jar.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\de\System.Data.Linq.Resources.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libgrain_plugin.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\adcvbs.inc.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\ParentMenuButtonIcon.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.flightrecorder_5.5.0.165303\feature.properties.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqloledb.rll.mui.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Casablanca.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libsdl_image_plugin.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ConvertInkStore.exe.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\ja-JP\Chess.exe.mui.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\stream_config_window.html.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libmft_plugin.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.win32.nl_ja_4.4.0.v20140623020002.jar.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\Welcome.html.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\ParentMenuButtonIcon.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Rectangles\15x15dot.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SportsScenesBackground.wmv.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\ShvlRes.dll.mui.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libedgedetection_plugin.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\DirectDB.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationLeft_ButtonGraphic.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\networkinspection.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Paris.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\FlipPage\NavigationUp_ButtonGraphic.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\San_Luis.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Rankin_Inlet.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-javahelp.xml.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\javaws.jar.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Urumqi.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationFramework.Aero.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\msdatl3.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Management.Instrumentation.Resources.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.Design.resources.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\UnprotectLock.dotx.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_ogg_plugin.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\203x8subpicture.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-core-kit.xml_hidden.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mn.txt.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\Memories_buttonClear.png.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-javahelp.xml.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\More Games\es-ES\MoreGames.dll.mui.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-private-l1-1-0.dll.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\zh-tw.txt.tmp	333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\333df0eb9a02b1c79f286449b3ec8ea00b97502a8821bbec6a79add726d7947e_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:848

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-268080393-3149932598-1824759070-1000\desktop.ini.tmp
Filesize
37KB

MD5
dd015457176e463f7651d78ae88e3a6f

SHA1
b5323563b0d78c5d5bd8bf5bb6c193640f0cf6a0

SHA256
71cad9c98a6e05fed9e4787a5d490a41aeae42613321195d3a0bc7c10d515a68

SHA512
829868c1bc52ad53445bd9032c2a0d8f085094ed47aca1f34ed89ccfcc37c440360edc40e365893916f9964f5a8cb94cdb4efb6b1a2477644e19bae7d056b8ea

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
46KB

MD5
a3b98ea529cb65242da36806d2ab7282

SHA1
c2debbf0d1537d109ac72dcb915c0a485ec324d5

SHA256
93903648fb3e2699e4ee4769a527b1f3cd1171b2ba85b78c7b104746d4179315

SHA512
afde2cbe761f895bd381d40dd03c0d69c3c35a4747987c25c74583d95add1e798f40c6a12ac9fef9ba521f29dfa0b4f74b03cbb3176670ae93a5546dc68bf46f

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads