349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e

Analysis

max time kernel
150s
max time network
127s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 04:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
Size

98KB
MD5

aa3adbc68bb23df78a3f1eb25e75a470
SHA1

0adf5cc8e9d203f835ed2b318e998832b9e280cb
SHA256

349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e
SHA512

73b0da6bf334be5802baf00ab6a4be6f2e3dd713f3022659154787a8f9051be4d302322b8dfe8ce6e681bfea9624e7455ab0e697e33972898dd33b2af954d43a
SSDEEP

3072:6e7WpMaxeb0CYJ97lEYNR73e+eKZOf7fOw2wSBr:RqKvb0CYJ973e+eKZOf7fa

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (2655) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification.ja_5.5.0.165303.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-openide-modules.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-heapdump_ja.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-application.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\fxplugins.dll.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\background.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\calendars.properties.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata.repository.nl_ja_4.4.0.v20140623020002.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-openide-options.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Recife.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Performance\Perf_Scenes_Mask1.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\FormatBackup.mpg.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\javac.exe.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\mix.gif.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-sampler_zh_CN.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\org.eclipse.ecf.filetransfer.httpclient4.feature_3.9.1.v20140827-1444\META-INF\ECLIPSE_.RSA.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_preferencestyle.css.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\WhiteDot.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT+9.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.flightrecorder.controlpanel.ui_5.5.0.165303.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-templates_zh_CN.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation_1.2.100.v20131119-0908.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-masterfs-nio2.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\sv.txt.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\InkObj.dll.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Europe\Kiev.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-favorites_zh_CN.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Anadyr.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Asia\Ho_Chi_Minh.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\nio.dll.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.metadata_2.2.0.v20131211-1531.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark.css.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-jvm.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ky.txt.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\SystemV\CST6CDT.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\winXPTSFrame.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-host.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\locale\com-sun-tools-visualvm-jvm_zh_CN.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\decora-sse.dll.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\dark\e4-dark_basestyle.css.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\images\win7TSFrame.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\plugin.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Noronha.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\NavigationRight_SelectionSubpicture.png.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jar.exe.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\prodicon.gif.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.di.nl_zh_4.4.0.v20140623020002.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Thule.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.publisher.eclipse_1.1.200.v20140414-0825.jar.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\update_tracking\com-sun-tools-visualvm-modules-appui.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\jvm.hprof.txt.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\en-US\join.avi.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Pacific\Kosrae.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.feature.console_5.5.0.165303\feature.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-templates.xml.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\is.txt.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\hwrfralm.dat.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\TabIpsps.dll.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\MSInfo\de-DE\msinfo32.exe.mui.tmp	349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\349dfd45eb436cedb61a0c7a42d2292a29441b31e6dd54bee1f1879183ee406e_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2860

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-1298544033-3225604241-2703760938-1000\desktop.ini.tmp
Filesize
98KB

MD5
6d244df42a2121008f5f9d9d4b17d69c

SHA1
533bc97ba47b674509586f77fc491eb79013b257

SHA256
5999d3e44419c0deee44a6afd94063117c487ca4c81b6731801187d0b6bb520a

SHA512
d0aa4e22255f276249ce0f9d7635298e8baadb3f919df762cea6fd949f2bfb1a500e0e222b26f39a2d67c11179a3780be8577cb090206313196f88abca5e3805

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
107KB

MD5
4e092eb40d1d20030e0923362c3ee2e2

SHA1
35a9b4930de3ea0e65a38af964a5ee81761ceac4

SHA256
a908217d2654f5bd60cb464f15dab44970c73b6d6ce370d6d092885ad2f30a2c

SHA512
dfde1d252dce2252955a80282c92b7ecc5094118f207a0b8ae55388737efc36ad69b74c8aab7522e6e1e065d615e8bf655567a7b644f620b52742b5629aa1460

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads