3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6

Analysis

max time kernel
150s
max time network
122s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
01-07-2024 05:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
Size

48KB
MD5

d3974c4758e4694f7d2c7b9ff1cf9fa0
SHA1

1fdcbc18315fb901125d0c2f38757ec961416c76
SHA256

3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6
SHA512

7c6ec437e6fd4b3246786da6a5346deb9c24b6ac1f2829c16f54df04a4b14d74bbb0ea78ffa3885ca5d0fc7725a7039089406df0c372449860c171ae7b284194
SSDEEP

768:W7BlpNLpARFbhblkYlkuvIYFdqRHRcbNb3:W7ZNLpApCZuvIYXqRHRmJ3

Score

9^/10

ransomware

Malware Config

Signatures

Renames multiple (3555) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
ransomware

Drops file in Program Files directory 64 IoCs

Processes:

3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe

description	ioc	process
File created	C:\Program Files\Common Files\Microsoft Shared\ink\mshwLatin.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Vignette\NavigationLeft_SelectionSubpicture.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Internet Explorer\en-US\jsprofilerui.dll.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Argentina\Buenos_Aires.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Antarctica\Mawson.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.IdentityModel.Selectors.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Defender\MpEvMsg.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\db\3RDPARTY.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Atlantic\Faroe.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\modules\ext\updater.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\com-sun-tools-visualvm-profiler.xml.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\config\Modules\org-netbeans-modules-options-keymap.xml_hidden.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\visualvm\modules\com-sun-tools-visualvm-coredump.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\it\ReachFramework.resources.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\settings_box_top.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\SlideShow.Gadget\ja-JP\css\settings.css.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\es-ES\DVDMaker.exe.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\offset.ax.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\plugin.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.equinox.p2.extensionlocation.nl_zh_4.4.0.v20140623020002.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\profiler\config\Modules\org-netbeans-modules-profiler-attach.xml.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\awt.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\intf\modules\host.luac.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\undocked_black_foggy.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\SpecialOccasion\SpecialNavigationUp_ButtonGraphic.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\bin\jps.exe.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.ui.forms.nl_ja_4.4.0.v20140623020002.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\codec\libtwolame_plugin.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\images\docked_black_moon-waning-gibbous_partly-cloudy.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\cs-CZ\tipresx.dll.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\ja-JP\sqlxmlx.rll.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\Etc\GMT-5.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.ui.zh_CN_5.5.0.165303.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.bindings_0.10.200.v20140424-2042.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\visualvm\platform\update_tracking\org-netbeans-modules-progress-ui.xml.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Management.Instrumentation.Resources.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\ipscht.xml.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\jre\lib\zi\America\Godthab.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.apache.felix.gogo.runtime_0.10.0.v201209301036.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Europe\Sofia.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Minesweeper\ja-JP\Minesweeper.exe.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\fr\System.Data.Entity.Design.Resources.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\lua\http\images\Video-48.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\Microsoft Shared\ink\de-DE\InkWatson.exe.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Shatter\NavigationRight_ButtonGraphic.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\org.eclipse.e4.ui.model.workbench_1.1.0.v20140512-1820.jar.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Weather.Gadget\de-DE\js\settings.js.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files (x86)\Adobe\Reader 9.0\Reader\plug_ins\VDKHome\ENU\Vdk10.lng.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Common Files\System\Ole DB\it-IT\sqlxmlx.rll.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\rectangle_postage_Thumbnail.bmp.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\Australia\Darwin.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\locale\bn\LC_MESSAGES\vlc.mo.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\images\modern_dot.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\management.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\lib\zi\America\Kentucky\Monticello.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Microsoft Games\Multiplayer\Spades\ja-JP\ShvlRes.dll.mui.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.0\PresentationBuildTasks.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Reference Assemblies\Microsoft\Framework\v3.5\it\System.Web.Entity.Design.Resources.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows Sidebar\Gadgets\MediaCenter.Gadget\images\logo.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jre7\bin\fontmanager.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Windows NT\TableTextService\TableTextService.dll.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\DVD Maker\Shared\DvdStyles\Memories\16_9-frame-image-mask.png.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
File created	C:\Program Files\Java\jdk1.7.0_80\lib\missioncontrol\plugins\com.jrockit.mc.console.ui.notification_5.5.0.165303\html\dcommon\gifs\masterix.gif.tmp	3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe

C:\Users\Admin\AppData\Local\Temp\3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\3a6849ec4bdd973fcda6379161889150923c4b085e8793bd69453348402dfee6_NeikiAnalytics.exe"
1⤵
- Drops file in Program Files directory
PID:2132

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\$Recycle.Bin\S-1-5-21-2812790648-3157963462-487717889-1000\desktop.ini.tmp
Filesize
48KB

MD5
9f6e7fd523fe702705a6bc054d27c479

SHA1
4736a2f98c94bedf36e70f82c6c04635657045d7

SHA256
0e31552afe333f71702364ab95b4de4d481a6bd25340f0611200971d7db54e2d

SHA512
95cca4ce3f7fb7454b3d6a57b2ec86055743ed77697caae0816249ba21a2612ff56023aab7db601540576359c85188a14a0b0990e29f25174da552aa95b9a544

Download Submit
C:\MSOCache\All Users\{90140000-0011-0000-0000-0000000FF1CE}-C\Office64WW.xml.tmp
Filesize
57KB

MD5
52e1cb9eb7dadcc76f5e3669431117e1

SHA1
7008313a0da6a833756b5fd7e49470359a60cd1c

SHA256
a9e7628df868ccb1f5756dd997eecf14e426fe9dacdb9910ed24a9d1a5913f9a

SHA512
3c25112e14fbc4012550ece95fbe45a3b969a49e3810d05a3721313ce5c0a75652fa514158729da2ee890b8a310c3cd98421951afe84aba13848d8a34aca4aa8

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads