33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1

Analysis

max time kernel
60s
max time network
127s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:49

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
Size

47KB
MD5

cafade9267990330398db873aa9551b0
SHA1

151b4c13d4032647a378b526f04a6a5c64fc6dfb
SHA256

33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1
SHA512

46cd85999f2a97689e779fca9f3ddee6daaf81f223a01f287ca76a573e37856be35159934c0ff2cceecc0df6240b7a92de72cd965a26791a5803a709a24338b8
SSDEEP

768:W7BlpppARFbhbt7Y7FoICOiJfoICOiJS0Da0DWDgC0Da0DP:W7ZppApWmp0Da0DWEC0Da0DP

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (195) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\7-Zip\Lang\af.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\el.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sk.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mng.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\he.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\it.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\zh-cn.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\FlickLearningWizard.exe.mui.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipTsf.dll.mui.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\dicjp.dll.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hy.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ro.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ar-SA\tipresx.dll.mui.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Content.xml.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\az.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\da.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ext.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mr.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\msgfilt.dll.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\micaut.dll.mui.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mn.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hr.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Filters\odffilt.dll.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\id.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ka.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kab.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ku-ckb.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\Alphabet.xml.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\correct.avi.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\History.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\be.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hi.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pt-br.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\tt.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\yo.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ast.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\eu.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hu.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ko.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ms.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\pt.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ru.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7-zip.chm.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7z.exe.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\lt.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sa.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\uz-cyrl.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\gl.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\en.ttt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\lv.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sq.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sv.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\va.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7-zip.dll.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\bn.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\fi.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\fy.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ug.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkObj.dll.mui.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ca.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\is.txt.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipBand.dll.mui.tmp	33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\33447bcb997ad922072629eda4736039e28037e7faea644632bce01a90bdcfe1_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1696

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-39690363-730359138-1046745555-1000\desktop.ini.tmp
Filesize
48KB

MD5
3635cb027f6db26499c1136b6a70132f

SHA1
739b763ff053e8428840cf6c5801b729507a0f3e

SHA256
3674e6496b1314b742d95210e967da231ec5a3f3708666baa639d38daa1b56ad

SHA512
892c66653771b5524e72602ba29eb25b3019271612fde09c21029b649316823c4e942874c9b96936b9b9b452b98a3079e3eb60fa14adf2073f3739f6321670cd

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
57KB

MD5
8c15802a0e8ee6f6027f796af000c968

SHA1
c8261f328e25d671f685b0d79c1e43923142aef3

SHA256
8f8c7aa0bbdba24c3979c13ac4d41c241aa716aa18f877ef440c804444f6c3e5

SHA512
cd8a2da9a8b525bed98d97baec7dfa79fd4e671abb7f47a1bba6ce5dc0094e6828a922fd412d9a28d1e09a7acda65d5749fd090aac9c1885f9306a8badc3b138

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads