362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354

Analysis

max time kernel
22s
max time network
124s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 04:43

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
Size

1.1MB
MD5

d6649a6778c42d3a73da84e7926bc8b0
SHA1

9c52d5828c9a93a8c2eccb2587a032f9772f4003
SHA256

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354
SHA512

cc1a33661a7ca8997f8095c591779d9af1478d65c3e14e5490c3d0e19146ddb974a3883b51fbfee70efca03834397dd2ad0139098aa8b8968cb818cba630b675
SSDEEP

24576:COyOuKpA9temTKNaX5SH/l16Vf0OPI/CXpgZ0u:CbOu6AfLKsgd0D8CuZR

Score

7^/10

persistence spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Adds Run key to start application 2 TTPs 1 IoCs

persistence

Registry Run Keys / Startup Folder

T1547.001

Modify Registry

T1112

Processes:

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

description	ioc	process
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\mssrv32 = "C:\\Windows\\mssrv.exe"	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

Enumerates connected drives 3 TTPs 23 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

Processes:

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

description	ioc	process
File opened (read-only)	\??\M:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\O:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\S:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\V:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\W:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\X:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\I:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\E:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\N:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\A:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\J:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\L:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\P:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\Q:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\R:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\T:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\U:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\H:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\G:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\K:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\Y:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\Z:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File opened (read-only)	\??\B:	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

Drops file in System32 directory 10 IoCs

Processes:

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\System32\DriverStore\Temp\british gang bang sleeping hotel .rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\lesbian cum [free] nipples granny .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\french xxx full movie titts .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\horse cum masturbation nipples pregnant .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\IME\shared\indian blowjob lesbian catfight .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\asian trambling xxx catfight glans sweet (Janette).mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\System32\LogFiles\Fax\Incoming\handjob lingerie licking titts traffic .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\xxx sperm girls .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\FxsTmp\japanese beastiality handjob [milf] swallow .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SysWOW64\config\systemprofile\brasilian sperm lesbian castration (Sonja,Sarah).mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

Drops file in Program Files directory 15 IoCs

Processes:

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\DVD Maker\Shared\sperm beastiality full movie ash hotel .rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\GrooveForms\FormsTemplates\asian trambling action hot (!) .mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\hardcore lesbian legs penetration .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Update\Download\handjob [milf] upskirt .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\IDTemplates\sperm animal hot (!) .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Google\Temp\american animal porn girls black hairunshaved .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\ToolData\groove.net\DocumentShare\trambling big (Curtney,Samantha).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Visual Studio 8\Common7\IDE\VSTA\ItemTemplates\kicking catfight feet ash .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Windows Sidebar\Shared Gadgets\bukkake sleeping stockings .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\british nude hidden young (Ashley).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\Templates\swedish cumshot big lady .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Shared Gadgets\horse sperm girls wifey .rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\microsoft shared\french sperm trambling sleeping sweet (Sonja).mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Office14\Groove\XML Files\Space Templates\russian fucking hidden .mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Microsoft Office\Templates\1033\ONENOTE\14\Notebook Templates\swedish action [milf] .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

Drops file in Windows directory 52 IoCs

Processes:

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

description	ioc	process
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor\french bukkake sleeping swallow .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\Downloads\italian animal catfight (Anniston).mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\malaysia lesbian fucking sleeping high heels (Melissa).avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..-ime-eashared-proxy_31bf3856ad364e35_6.1.7600.16385_none_f27c4f066f5c6701\malaysia xxx licking ash ash .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_de-de_b4aea777fe683838\kicking cum public ash redhair .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\nude horse girls traffic .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..me-eashared-coretip_31bf3856ad364e35_6.1.7601.17514_none_d81c96999f75bd77\russian nude girls .rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_en-us_5d9f7d70ed4643fd\lingerie sperm voyeur balls (Sonja,Tatjana).avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.SharePoint.BusinessData.Administration.Client\indian hardcore big gorgeoushorny .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\temp\chinese lingerie lingerie full movie ash .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp\tyrkish horse voyeur balls (Britney).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..e-eashared-kjshared_31bf3856ad364e35_6.1.7600.16385_none_99b74194b7347cab\norwegian beast lingerie public traffic .rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_94828572f7ddbf0f\horse girls wifey .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_6f0f7833cb71e18d\fetish sleeping boobs beautyfull (Tatjana,Jade).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-ime-eashared-ccshared_31bf3856ad364e35_6.1.7601.17514_none_34400a5790d1d336\african beastiality beast hidden cock bondage (Janette).mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ime-eashared-imepad_31bf3856ad364e35_6.1.7601.17514_none_98b24799b5d08c05\british beast cum licking .mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..olicy-admin-admtmpl_31bf3856ad364e35_6.1.7601.17514_none_4fe2107fd06efdd8\italian nude xxx big femdom .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_ja-jp_8c6fc5a7aa8c435d\animal fucking several models .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\spanish horse lingerie public hairy .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\SoftwareDistribution\Download\xxx kicking [bangbus] hole boots (Tatjana).zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-b..-bcdtemplate-client_31bf3856ad364e35_6.1.7600.16385_none_8419660d1cc97b24\japanese horse beastiality catfight .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_00225053e03f4c04\brasilian sperm blowjob [milf] circumcision .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor\brasilian cumshot fetish lesbian .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\black gay nude hot (!) mistress (Sonja,Curtney).mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\Downloaded Program Files\italian beastiality horse [bangbus] redhair .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\brasilian beast porn several models .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Templates\african lesbian hot (!) feet pregnant (Sarah,Anniston).mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\german animal horse licking .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\Downloads\brasilian trambling masturbation ash .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_32\Microsoft.GroupPolicy.AdmTmplEditor.Resources\gang bang sleeping boobs .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files\french porn girls titts sweet (Curtney,Tatjana).avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Templates\british cumshot animal hot (!) titts (Gina,Sandy).avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_64\Microsoft.GroupPolicy.AdmTmplEditor.Resources\french xxx lingerie licking penetration .mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_en-us_65b23d3c3a97bfaf\malaysia lesbian trambling [milf] ìï .mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp\hardcore xxx several models (Karin).mpeg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_64\Temp\swedish beastiality handjob voyeur shower .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_fr-fr_0835101f2d90c7b6\animal [bangbus] nipples swallow .mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\PLA\Templates\african bukkake big vagina .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-d..ashared-candidateui_31bf3856ad364e35_6.1.7600.16385_none_293ea1e3e6bc5364\beast fucking hidden castration .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_it-it_ea4a469ab7713182\brasilian action [bangbus] (Curtney).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.BusinessData.Administration.Client.Intl\malaysia sperm bukkake hot (!) .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\japanese sperm action lesbian .mpg.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6B8E.tmp\fucking fetish lesbian black hairunshaved .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp\cumshot lingerie public (Anniston).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\tmp\italian gay hot (!) .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_de-de_bcc167434bb9b3ea\norwegian animal [milf] titts young (Christine).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_it-it_f25d066604c2ad34\french nude [bangbus] (Tatjana,Liz).zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-h..-hmeshare.resources_31bf3856ad364e35_6.1.7600.16385_es-es_5d6ada54ed6d35a2\italian blowjob xxx lesbian cock (Sarah).rar.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\mssrv.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\assembly\NativeImages_v4.0.30319_32\Temp\black beast [bangbus] .zip.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\security\templates\norwegian trambling beastiality uncut cock .avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
File created	C:\Windows\winsxs\amd64_microsoft-windows-g..n-admtmpl.resources_31bf3856ad364e35_6.1.7600.16385_es-es_657d9a203abeb154\gang bang uncut beautyfull (Ashley).avi.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes:

362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

pid	process
2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2076	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2308	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1240	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1536	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2076	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2136	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1636	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1288	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1092	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1496	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2308	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1808	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
924	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
916	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2076	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1144	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2364	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2400	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1240	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2288	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2288	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1416	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1416	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2260	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2260	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2136	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2136	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1536	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1536	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2568	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2568	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1392	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
1392	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
2308	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

Suspicious use of WriteProcessMemory 64 IoCs

Processes:

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
1⤵
- Adds Run key to start application
- Enumerates connected drives
- Drops file in System32 directory
- Drops file in Program Files directory
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2408

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2564

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2608

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2076

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:1536

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
- Suspicious behavior: EnumeratesProcesses
PID:2400

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:2916

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:3892

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
9⤵
PID:7608

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
9⤵
PID:10336

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:5652

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
9⤵
PID:15108

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:8540

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:3444

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:6136

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
9⤵
PID:10520

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:10480

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:4876

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:15736

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:8628

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:2948

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:3992

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:7860

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:14444

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:5888

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:10576

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10136

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3540

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:6672

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:11088

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4996

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:4692

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:8672

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
- Suspicious behavior: EnumeratesProcesses
PID:916

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:1756

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:3588

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:6544

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
9⤵
PID:15612

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:13820

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:5084

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:15728

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10312

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3252

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:5560

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:15144

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:7660

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10328

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4628

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:7520

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7252

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10128

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2428

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3576

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:6680

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:15252

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:11024

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:5200

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:15604

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:8680

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15876

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3236

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:5552

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10248

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10448

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4416

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15632

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6624

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:11016

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1636

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2356

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3092

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:5116

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:10536

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10040

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4240

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:11008

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6492

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10320

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:11032

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2592

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4832

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:15620

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7812

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:11772

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4060

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10096

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6060

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10172

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10072

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1416

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2884

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4612

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:14540

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7276

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10032

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3848

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7188

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:15788

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:14164

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:5404

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15524

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10488

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:2172

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4080

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10008

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6256

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10552

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10408

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3652

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6884

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:7668

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10344

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:5144

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10188

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:10064

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:1732

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1288

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2304

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3140

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:5536

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:16096

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10440

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4296

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6476

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10472

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:14172

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2544

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4740

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:15464

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7556

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:14436

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4032

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7764

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:11748

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6108

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10608

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10432

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2364

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2156

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3836

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:7296

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10048

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:5632

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10568

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10368

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3372

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6028

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10272

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10180

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4732

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15000

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:8648

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:2928

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3944

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7600

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10400

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6084

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10196

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3484

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6008

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10424

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4972

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:15720

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:8044

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2136

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:2288

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2672

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4552

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7580

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:13684

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3856

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6876

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:15448

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10416

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:5916

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10392

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:2944

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3956

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7488

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:13692

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:5592

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10220

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10512

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3512

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6372

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15656

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:11104

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4940

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:14836

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7780

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:12844

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:924

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3068

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3528

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6360

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10544

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4988

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10456

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:8664

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3208

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:5584

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10592

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10296

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4384

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10528

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:6532

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:11000

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:1928

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3552

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6840

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10360

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4980

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7788

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:13172

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:3244

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:5544

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:16124

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:10144

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:4424

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:6608

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:1708

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:11340

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2736

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:2308

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1092

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:1360

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3188

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:5576

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:15712

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10376

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4304

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10236

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6484

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:12908

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:1660

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4700

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7572

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:13844

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4016

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:9992

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6116

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15244

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10256

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1392

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:2504

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:4708

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10504

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7796

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:11836

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3976

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7828

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:12476

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6068

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:7692

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:13852

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:2740

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4360

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15640

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6552

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:13732

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3724

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6860

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6616

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:12452

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:5328

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:14984

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:10228

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:1240

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
- Suspicious behavior: EnumeratesProcesses
PID:1144

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:1520

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:3768

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:7204

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
8⤵
PID:15084

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:14156

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:5160

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:15340

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10024

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3364

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:5996

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:9096

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4680

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10600

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:7804

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:11764

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:1088

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3716

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7284

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10112

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:5376

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10264

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10088

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3324

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6052

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10496

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10204

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4652

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10584

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7504

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:14092

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:1808

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:864

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3496

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6248

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:10560

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:7652

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:14500

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4932

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15648

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:7772

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:12836

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3200

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:5620

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10464

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10056

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4328

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:15556

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7244

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:10212

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:1952

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3476

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6020

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:6412

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10104

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4948

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6040

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:8052

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:3108

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:5240

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:15548

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:8572

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:4264

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:15952

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:6632

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:5384

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:11048

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
PID:520

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:1496

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:1968

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:3228

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:5604

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
7⤵
PID:16072

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:10080

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4436

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15540

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6648

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:14556

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:11096

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:2980

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4752

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15596

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:7512

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:13776

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4068

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:7836

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:11720

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:6076

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7676

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:13828

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
- Suspicious behavior: EnumeratesProcesses
PID:2568

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3016

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:4528

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15564

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:6664

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:16088

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:11116

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3880

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:7328

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10164

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:5640

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:15408

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:10304

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:2712

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4256

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10280

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:6656

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:11040

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:3684

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:6868

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7684

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:11756

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:5152

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3888

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:10352

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:732

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:2532

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:3160

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:5192

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
6⤵
PID:15236

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:8688

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:15664

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4272

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:10288

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:6640

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:11080

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:1608

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4664

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:16060

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7264

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:12436

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:4024

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:8616

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:6124

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:10384

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
- Suspicious behavior: EnumeratesProcesses
PID:2260

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:2588

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:4644

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
5⤵
PID:14548

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7496

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:11780

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:3908

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:7320

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:10120

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:5736

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:8656

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:16152

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
PID:1148

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:4320

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
4⤵
PID:15972

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:6468

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:13836

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
PID:3676

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:7336

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:10156

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
PID:5208

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
3⤵
PID:15016

C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe"
2⤵
PID:8696

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Program Files\Windows Sidebar\Shared Gadgets\horse sperm girls wifey .rar.exe
Filesize
96KB

MD5
47130b353bf6344f47faa70a427aa2fc

SHA1
6c64e3e04edca3e0ed08cf848dc709c5e9482370

SHA256
773c7e51e5908fa637724bced8c2a018cd62b6ffe3748e19554b2714672ef53e

SHA512
c3ea98b837bb9e337de78225bd338ace640faf8be33d8c3ef459f8aaea93639c37b3a3d6417a3d460887de776577b1b3aebd3127625ae78220b79ffc810c6b67

Download Submit

description	pid	process	target process
PID 2408 wrote to memory of 2564	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 2564	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 2564	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 2564	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2608	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2608	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2608	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2608	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 2736	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 2736	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 2736	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 2736	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 2308	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 2308	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 2308	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 2308	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 2076	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 2076	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 2076	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 2076	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 1732	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 1732	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 1732	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 1732	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 520	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 520	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 520	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 520	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1240	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1240	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1240	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1240	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2136	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2136	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2136	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2564 wrote to memory of 2136	2564	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2076 wrote to memory of 1536	2076	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2076 wrote to memory of 1536	2076	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2076 wrote to memory of 1536	2076	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2076 wrote to memory of 1536	2076	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 1732 wrote to memory of 1288	1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 1732 wrote to memory of 1288	1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 1732 wrote to memory of 1288	1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 1732 wrote to memory of 1288	1732	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 1636	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 1636	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 1636	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2608 wrote to memory of 1636	2608	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 732	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 732	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 732	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2408 wrote to memory of 732	2408	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 520 wrote to memory of 1496	520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 520 wrote to memory of 1496	520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 520 wrote to memory of 1496	520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 520 wrote to memory of 1496	520	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2308 wrote to memory of 1092	2308	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2308 wrote to memory of 1092	2308	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2308 wrote to memory of 1092	2308	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2308 wrote to memory of 1092	2308	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1808	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1808	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1808	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe
PID 2736 wrote to memory of 1808	2736	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe	362f4b21468484d6b00d9c72b30db49ee43303ccc362e87a3a14ff4c1b662354_NeikiAnalytics.exe

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Replay Monitor

Loading Replay Monitor...

Downloads