37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 05:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
Size

85KB
MD5

ee07eb05f554f00d11b09273bf1f3b80
SHA1

9a839d89870c8bc1562ceed1368be58e13a059f8
SHA256

37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0
SHA512

e6d16daf2ea601b11542c9c3497b6506be1c381fb921214d3866706787d33a9e711969cdb34890f195b84c15f5fa7f847c9a10afdaef2bcec6603ab5070e29bb
SSDEEP

1536:W7Z+pApfGQ3y3RWvfmRfm9sKsSd5MY7QulkAJ:6+WpDfmRfmh8SQul/J

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3700) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\SmallLogoBeta.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.bat.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\jfr.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Winamac.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_moon-first-quarter_partly-cloudy.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\VideoWall\videowall.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.jface.databinding.nl_zh_4.4.0.v20140623020002.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\North_Dakota\Center.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\mobile_view.html.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\en-US\RSSFeeds.html.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\spu\libmosaic_plugin.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\es-ES\MpEvMsg.dll.mui.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\NavigationUp_SelectionSubpicture.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\j2pcsc.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-keyring_zh_CN.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Inuvik.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Etc\GMT-12.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Mozilla Firefox\AccessibleHandler.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ba.txt.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\VisualElements\LogoBeta.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\ssv.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\features\com.jrockit.mc.rcp.product_5.5.0.165303\feature.properties.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-modules-appui.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Pacific\Port_Moresby.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Hearts\HeartsMCE.lnk.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\sd\jamendo.luac.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\rssBackBlue_Undocked.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\fa\LC_MESSAGES\vlc.mo.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_srt_plugin.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\TipRes.dll.mui.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Indiana\Indianapolis.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\core\locale\core_zh_CN.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-openide-nodes_ja.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Office\Office14\OLKFSTUB.DLL.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\en-US\js\library.js.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Currency.Gadget\images\base-undocked-4.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\ado\msado25.tlb.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Sports\PreviousMenuButtonIcon.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\bin\NetworkServerControl.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.frameworkadmin_2.0.100.v20131209-2144.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\playlist\jamendo.luac.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\images\item_hover_flyout.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\chrome.VisualElementsManifest.xml.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ecf.filetransfer_5.0.0.v20140827-1444.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Eirunepe.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\MpAsDesc.dll.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\RSSFeeds.Gadget\de-DE\RSSFeeds.html.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Asia\Tbilisi.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Antigua.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\default_thumb.jpg.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\45.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Travel\passport.png.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Guyana.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_ja.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-modules-masterfs_zh_CN.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\deploy\messages_ko.properties.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.swt.win32.win32.x86_64_3.103.1.v20140903-1947.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-swing-plaf_zh_CN.jar.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\fr-FR\css\calendar.css.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\it-IT\WMM2CLIP.dll.mui.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Iqaluit.tmp	37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\37e7fb6babbfb97ef96edaadca842502a5f88ed6e0bc1b337614e225c0153fd0_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:836

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2737914667-933161113-3798636211-1000\desktop.ini.tmp
Filesize
86KB

MD5
bb615d8cf626177b26c66e469725d9a6

SHA1
e86b4627521d78c1bf9caaa2942a69195c7550b3

SHA256
7112d525297fd69a3c404d7604da053ce42859fcc292ef1546389c38d03befdc

SHA512
e63108f11cecb3bcc1adffd7758e84a843162887bee92d8b977412b876deb86c803bc477c2fae5220b168e03f77446ceecc013cb1a6ae7731023934c1564b596

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
94KB

MD5
d3e72e8a80939ec8b72e8ee6971883fb

SHA1
23cdf07d11adf115007c5ce6b7f2c622da9abbd5

SHA256
7205c1c2a56a98bb2e803b4c98bfbab1e64c966f20694e1fcb9e5e5f01bad380

SHA512
b8460ecdab0ad81ec6f71e94b9e9e347d294a30e034f52df6235b4c896b17c1f311c74ecb9bb68970be208d6fb6583777db3d3ff9589d98ad71586694d3475a1

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads