3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:54

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
Size

77KB
MD5

675dd6ad0f26b24feb03c153e2528ee0
SHA1

ecf4370432518a925aa252857b59691f5e2b77f0
SHA256

3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4
SHA512

553d41ae4828d36287a24a40f70a3773ccdd5f1fd1176ab805e23de429a761ea204e1b9db0124e2206c30a94d9e681f6f0bcf465601512f074f46619cdc3ebaf
SSDEEP

1536:/7ZQpApze+ejfFpsJPKZ2wfxRfxzdYaH4c:9QWpze+ejfFpsJPKZ2wf7fVdV

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3222) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\lib\deployed\jdk16\windows-amd64\profilerinterface.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-7.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\ja-JP\Hearts.exe.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\de-DE\msadcer.dll.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\photoedge_buttongraphic.png.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\appletviewer.exe.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\sv-SE\tipresx.dll.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\update_tracking\org-netbeans-modules-profiler-selector-ui.xml.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nb-NO\tipresx.dll.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\micaut.dll.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\net.properties.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\UIAutomationProvider.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msador15.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-util.xml.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\pa\LC_MESSAGES\vlc.mo.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\7z.sfx.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages.properties.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.help_2.0.102.v20141007-2301\feature.xml.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychart.ui.ja_5.5.0.165303.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui_2.3.0.v20140404-1657.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\mn.txt.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\MEIPreload\preloaded_data.pb.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\classlist.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Garden.jpg.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20141007-2033\launcher.win32.win32.x86_64.properties.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.event_1.3.100.v20140115-1647.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.httpcomponents.httpclient_4.2.6.v201311072007.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-favorites.xml_hidden.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Aqtobe.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Novokuznetsk.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Tbilisi.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.zh_CN_5.5.0.165303.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-execution.xml.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-openide-compat.xml_hidden.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\More Games\it-IT\MoreGames.dll.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\defaults\pref\autoconfig.js.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.Core.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\it-IT\msader15.dll.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\CircleSubpicture.png.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.identity_3.4.0.v20140827-1444.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-core-execution.xml.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Asuncion.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Miquelon.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Entity.Resources.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ja-JP\mip.exe.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_leftarrow.png.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\cmm\sRGB.pf.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\Chess.exe.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Peacock.jpg.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui.configuration_5.5.0.165303.jar.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4_default_mru_on_win7.css.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\es-ES\bckgzm.exe.mui.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\it\LC_MESSAGES\vlc.mo.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\BabyBoyMainToNotesBackground_PAL.wmv.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-core-io-ui.xml_hidden.tmp	3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3372f7630b27e4ff2d15ec4241d7ffd5010110b31c034a532004fbfb22c64ad4_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1364

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp
Filesize
77KB

MD5
42c5f80b5b0f20efdace5fa5aa6085b9

SHA1
eb410db1463efd25c831be0400d7a7b3576ae869

SHA256
d53b52ee8ec5a60f4ac4941cf408f2bbbdde7842829cd3d10ef4be57bf4e9e58

SHA512
09870dbcda0c8f3bead0e3f4381fc5f1a86dea026d095af402d8e4be897e3046e8a9c0a1ebad0ab48686cb5476629233470cac8bab3f43a5391cf834e1341339

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
86KB

MD5
29f80a0ebd80b34a8081c7a9401f0508

SHA1
80a3704ebfcfc598e4c18aca734e0ddddf8e78be

SHA256
a98d5c41448383e7f5d22b9e733ce61c68e63e05f3e97ecc11910514640310b6

SHA512
ccb92450313842b37b9e35e093ce91e7f45f781f62e5398029e9211038e155d2f25969d72ceba894daf1a8ff745cdbe617b8af6814f26f41a2a0f33d43342571

Download Submit
memory/1364-0-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download
memory/1364-186-0x0000000000400000-0x0000000000408000-memory.dmp

Filesize
32KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads