3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:56

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
Size

83KB
MD5

77773cb744ef106244a2949fb0648a90
SHA1

2c496ba644abdea863872c61780c919fb1fe3b00
SHA256

3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb
SHA512

eb29143649186fde75cf02caa66da1c32cfc989df437f7d9d70a6423830b23b4c3205635273fcbcce406bdc720d563160df999f56663a75f8ad8507445409cbf
SSDEEP

1536:W7Z9pApQESOHepOHe8G+6E65dyGdykNdNBK2LUO:69WpQE0zUO

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2851) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stucco.gif.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\OmdProject.dll.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\LayeredTitles\NavigationUp_SelectionSubpicture.png.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Edmonton.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.feature_3.9.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-actions_ja.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-filesystem-l1-1-0.dll.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\IpsMigrationPlugin.dll.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\fr-FR\oledb32r.dll.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\flower_trans_MATTE_PAL.wmv.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\jvm.hprof.txt.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\AUTHZAX.DLL.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\da.pak.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Bermuda.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jvm.hprof.txt.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Samara.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-sa_ja.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Riyadh89.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\Mso Example Intl Setup File A.txt.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main.xml.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\VC\msdia100.dll.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\vk_swiftshader_icd.json.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Belgrade.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.ui.sdk.scheduler_1.2.0.v20140422-1847.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Andorra.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_globalstyle.css.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_mac.css.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Uzhgorod.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunec.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.workbench.addons.swt.nl_ja_4.4.0.v20140623020002.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sr-spl.txt.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\IPSEventLogMsg.dll.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqloledb.rll.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\play-static.png.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DissolveAnother.png.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\SceneButtonSubpicture.png.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\security\trusted.libraries.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\LimitJoin.xltx.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\es-ES\TipBand.dll.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\zip.dll.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-options_zh_CN.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_ja.properties.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\security\javafx.policy.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Caracas.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\it-IT\ShapeCollector.exe.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Full\dotsdarkoverlay.png.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.core.services_1.2.1.v20140808-1251.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-heapdump.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-options-api.xml.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\ja-JP\bckgRes.dll.mui.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\ko-kr.xml.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\tnameserv.exe.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\startNetworkServer.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.feature_1.1.0.v20140827-1444\META-INF\ECLIPSE_.SF.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\freebl3.dll.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\ImportPing.M2V.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\setNetworkServerCP.bat.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.provider.filetransfer.httpclient4_1.0.800.v20140827-1444.jar.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-utility-l1-1-0.dll.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Puerto_Rico.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\api-ms-win-crt-math-l1-1-0.dll.tmp	3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3386bc51d56d3b1efac1c47959f47b5ad853e92e049d098bd116de4a99a8accb_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1884

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp
Filesize
84KB

MD5
dfe237aa6b95fc637faec44beda07e9a

SHA1
c2160c8f5e9facb3ffce6b48823e2a2a4ff7b77d

SHA256
60fba537d517a8d42b420defa32d41b8554bb315bc4678061fb47932d5863d72

SHA512
302626930362b527a932324f1f6a37e22f2056b41be237f21c326db2d1f8f8438020bf842301c6750137cdbd4a0943c37ffed6634c03a32fdc8ac07308d5f6cb

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
93KB

MD5
8dcf4ce3180f680855da52acf2cc013b

SHA1
70cfc4f54a41d979a257611467d0f1133c66bd16

SHA256
8529bec96748597485d136083100017ed6175a01d9dda2fa4a7ccc764049d597

SHA512
6dbd65b7b5f6e365db095b57d17b8a118a9d502f3cf514e9e3b6a80fce79aa5f5ef5fc267d774dcb93d6075ca4344f126a0d10eabb84a8c97b0344e42f47b463

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads