33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 04:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
Size

85KB
MD5

57a51ac463ae8b49c3ce8fbaafa5d800
SHA1

063a6ae99fa8725c9bfe41c195edfb33d688edcc
SHA256

33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e
SHA512

56834445e42b80a6cb83603b70f792b5e8af7e14f13812732bc20d8a3975823035a9f62d0cee129d3dd4894905ed673dadf66ff52c0c9b488eceb30b3a19942f
SSDEEP

1536:W7ZhA7pApH1d9oVLQthbqbY9oVLQthbq51Rn6wt7t5m0m69YUpCUppXxXTXxXX:6e7WpP9oVLQthbYY9oVLQthbUrt7t5ma

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3107) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jre7\lib\zi\America\Belem.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\fr-FR\shvlzm.exe.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Africa\Algiers.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.net.nl_ja_4.4.0.v20140623020002.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_ja.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kcms.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Nauru.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Resolute.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.greychartplugin_5.5.0.165303.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multitabs_zh_CN.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-tools_ja.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Detroit.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\keypad.xml.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\chrome_elf.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\dblook.bat.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\ja-JP\chkrzm.exe.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Beirut.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\org-netbeans-modules-javahelp.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Stars.htm.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Heart_SelectionSubpicture.png.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationRight_ButtonGraphic.png.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host-views.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\et-EE\tipresx.dll.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\p2\org.eclipse.equinox.p2.engine\profileRegistry\JMC.profile\.lock.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-ui_ja.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\en-US\msdaremr.dll.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\1033\MAPISHELLR.DLL.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\License.txt.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\t2k.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Chess\de-DE\Chess.exe.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-modules-sampler.xml.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\HeartsMCE.lnk.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\kn\LC_MESSAGES\vlc.mo.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.help_3.6.0.v20130326-1254.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\ext\sunmscapi.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.equinox.p2.core.feature_1.3.0.v20140523-0116\feature.properties.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin.nl_ja_4.4.0.v20140623020002.jar.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\fr-FR\ChkrRes.dll.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\sonicsptransform.ax.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Sitka.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\cmm\GRAY.pf.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Honolulu.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\deploy.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Data.Services.resources.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\id\LC_MESSAGES\vlc.mo.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\msadc\fr-FR\msaddsr.dll.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iediagcmd.exe.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\kinit.exe.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\w2k_lsa_auth.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Santa_Isabel.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Scoresbysund.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx_5.5.0.165303\META-INF\MANIFEST.MF.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\fi.txt.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\SpeechEngines\Microsoft\TTS20\fr-FR\MSTTSLoc.dll.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyGirl\bear_formatted_matte2.wmv.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\fsdefinitions\main\base_jpn.xml.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\System.AddIn.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\orbd.exe.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\plugin.properties.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Auckland.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Backgammon\en-US\bckgRes.dll.mui.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ga\LC_MESSAGES\vlc.mo.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libsmb_plugin.dll.tmp	33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\33c1144657cd99ecccc12efb7932be4ab5140273359b036944a24cadb533fd1e_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2016

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1340930862-1405011213-2821322012-1000\desktop.ini.tmp
Filesize
85KB

MD5
4be875d8e7f2b6b5080517a639381c68

SHA1
48abd98ad6a92e8802f3642720739642e3f7ab43

SHA256
49fcb69bbe8e3286e6b94280e02a9ffc2630896fd13441e4299cbf32db250673

SHA512
1bacd3b7032b4dd9789d8f1aa9e7a6957e4f0dde1a5752dc4342d0bb2e093eb2d556841f9e822f080360b12f26697407e7f48b4b498148992f3f50961eed17a3

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
94KB

MD5
5767243ac5993f44577a870973e5bea8

SHA1
01fc1f4be6bc5bca1aa7a192b611f00526816766

SHA256
6475139f3dc97673a8cea46a2c942caa7aa258e2b8080005ab5d4a6a1ddc2770

SHA512
107c79313b07ce856f9ebb737b7ef54973d48ef24217fb2f724732c66f0b2d73570a019112fe54060a7cd2ad855da0c2bf87cd3156e1cf93d854d43b1f9e917e

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads