398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117

Analysis

max time kernel
149s
max time network
119s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 05:42

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
Size

51KB
MD5

f7011272e14703dd14e9f4b1895d4ed0
SHA1

0e030ccdf30d3d25d37d20636bed9f6d7552cc5d
SHA256

398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117
SHA512

597c8ddcaf294a93426cbecf5195bc713c57b6875e830ab6f2505ef4061a762ac71460edb35d52750eb8932e04823cf47aaa8f42d885035f3809bc5f291d81e1
SSDEEP

384:GBt7Br5xjLMuLAgA71FbhvDl3DG71ul3DG71XUmUIYFAHsi3:W7BlpNLpARFbhblkYlkuvIYFdi

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3673) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\nl-NL\tipresx.dll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\North_Dakota\New_Salem.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.browser.ja_5.5.0.165303.jar.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-api-annotations-common.xml.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\w2k_lsa_auth.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\fr\System.IdentityModel.Selectors.Resources.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\it-IT\NBMapTIP.dll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\images\next_rest.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\en-US\sqloledb.rll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\circleround_selectionsubpicture.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\Accessories\de-DE\wordpad.exe.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\37.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\de-DE\sqlxmlx.rll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Caracas.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\square_s.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Tracker\reviewers.gif.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\FlickAnimation.avi.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\BabyBoy\nav_uparrow.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Stacking\1047x576black.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.rjmx.ext_5.5.0.165303.jar.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\Modules\org-netbeans-swing-plaf.xml.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Monterrey.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\ne\LC_MESSAGES\vlc.mo.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\settings.html.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\ps.txt.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\management\jmxremote.access.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.themes_1.0.1.v20140819-1717\css\e4-dark_win.css.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\config\ModuleAutoDeps\org-openide-util.xml.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-sampler.xml.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Indiana\Tell_City.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\hr\LC_MESSAGES\vlc.mo.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\sidebar.exe.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\icudt36.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Lang\hu.txt.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\OldAge\decorative_rule.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\ResizingPanels\NavigationUp_SelectionSubpicture.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Media Player\fr-FR\wmpnssci.dll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\cronometer_dot.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\AcroForm\adobepdf.xdc.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\bin\msvcr100.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Journal\it-IT\MSPVWCTL.DLL.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\39.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Africa\Khartoum.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\de-DE\gadget.xml.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Resource\Icons\APIFile_8.ico.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\AssertBackup.vstx.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\pt-BR\tipresx.dll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Google\Chrome\Application\106.0.5249.119\Locales\sv.pak.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\iedvtool.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Thule.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Photo Viewer\es-ES\PhotoAcq.dll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\drag.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\144DPI\(144DPI)alertIcon.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\Stationery\Roses.htm.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\deploy\messages_ko.properties.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\locale\org-netbeans-core-multiview_zh_CN.jar.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\access\libvnc_plugin.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\7-Zip\Uninstall.exe.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\shadowonlyframe_videoinset.png.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Metlakatla.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\awt.dll.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Checkers\de-DE\ChkrRes.dll.mui.tmp	398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\398486cff13d9fe5943c1e122391a3c181a386a3ce9a5099bd3a9ad34f6a3117_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:1420

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-3627615824-4061627003-3019543961-1000\desktop.ini.tmp
Filesize
51KB

MD5
cbd616e673d97cede3f8fdced2a32607

SHA1
54945dcc9be931453ed105f4393bc9f38b2ffd0f

SHA256
ea2abad367df3cdcb84348638f028fc46fada20f178ae0afa56428db92695ce3

SHA512
66cdbbd7680b7f46bb507414a2d2ffa3f17166ad707c819da5cabcfe2ec14f3bc8e5479d458912a83c5af11af50a2922bcf84e957b317dafa69a3f64edb0ffe8

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
60KB

MD5
7d0f464c95e638c1d71fc625ccac8dd2

SHA1
9a6d4f0d33b129b2512d1c24ecd2a0e11b0d8fe4

SHA256
a06dc355efd2d744e2f2aff0a1649caf05d98a4b7b889297c392c308080c8450

SHA512
96f66903d0a74b24107a5bb68ca5945f8336e1516825e364bc462ece53aa30184a22c7c0bd31eee30af7ea0268973de8358d3751c8e9ebdc0019edacfe55ad15

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads