33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52

Analysis

max time kernel
124s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 03:58

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
Size

46KB
MD5

fca6fba96ffd93021b6b758a9e970250
SHA1

88c94d758b2d7f1070f4d3158ec82ab8f7ef7510
SHA256

33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52
SHA512

b339888ddccaafcc84d8e107639ee58600417ea23a714cfa0fc2112044df1fcf40c7d76f88bb1ecac37b7e12d0ae0bd7598d4900431f40b14deb00c2fd36164f
SSDEEP

768:W7BlpppARFbhbt7Y7FoICOiJfoICOiJQ444ZqcjXY/IjXY/rL7:W7ZppApWmjXWY/IY/r

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3426) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\numbers\numbase.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\Bear_Formatted_RGB6_PAL.wmv.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Rome.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\FreeCell\it-IT\FreeCell.exe.mui.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.views.nl_ja_4.4.0.v20140623020002.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Pitcairn.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipsita.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Eurosti.TTF.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jdwp.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Ushuaia.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.launcher.nl_zh_4.4.0.v20140623020002.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\de\UIAutomationTypes.resources.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\es\System.ServiceModel.Resources.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libaddonsvorepository_plugin.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\dialogs\create_stream.html.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Psychedelic.jpg.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Seyes.emf.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Solitaire\fr-FR\Solitaire.exe.mui.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\System.IdentityModel.Selectors.Resources.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\css\main.css.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\SystemV\CST6CDT.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\mainscroll.png.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\lib\derbyrun.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sao_Paulo.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-autoupdate-services.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\kk.txt.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Macau.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.intro.nl_ja_4.4.0.v20140623020002.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ar\LC_MESSAGES\vlc.mo.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.emf.common_2.10.1.v20140901-1043\feature.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WindowsFormsIntegration.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Postage_VideoInset.png.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.attach_5.5.0.165303.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\lib\locale\boot_ja.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\crashreporter.exe.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\cli.luac.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrcatsh.dat.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\hr.pak.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\psfontj2d.properties.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Dublin.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\SpiderSolitaire\SpiderSolitaireMCE.png.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\HeartsMCE.png.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\WinFXList.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Services.resources.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circle_glass_Thumbnail.bmp.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.core.ssl.feature_1.0.0.v20140827-1444\feature.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\booklist.gif.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Thunder_Bay.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fi-FI\tipresx.dll.mui.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Hermosillo.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-modules.xml.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Accra.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.mbeanbrowser.ja_5.5.0.165303.jar.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\custom.lua.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\ja-JP\ShvlRes.dll.mui.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.tmp	33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\33a13c709b8c2bcb8f03d10f39bbe25a46ff74825c01470db0135e1da6920b52_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2556

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp
Filesize
46KB

MD5
94b2a32d210028502837a0e5c78fb33d

SHA1
3bca429c0a33f264e07eb5786bd0baa2a6fbd476

SHA256
a96ef30702bdb0f60c7b3f86fa7aefd621e4a7037c12d46e66ff6232a0c94b7d

SHA512
f6f5b4ce21a7cd91999e142447367e3075b8a1667b0a7f88216bcb19e4df5a5202ec42ea8b685b4e41d9ba97f0dcbdce60d530768c416d9bd1532ab34bcb9a97

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
55KB

MD5
6b0a47611c78d15b858d5a8950140072

SHA1
6541fc52a2b6d4c0428f477b0c5215d1f7bbd4b2

SHA256
9909943bb251eba5f9ee31cdaefb5dba7cbe256e4c263d9897a61d7f081e05d9

SHA512
0698c227b0187278283e250df2963082c99c4adf6abb0836c4ff523491449d0fe32113252640d1fd77c76b47bac516e543c585fb6f1073008a3be37760f6d25a

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads