General
-
Target
abe15508c788b87c459d40b5591b2ae5f34c987612bf055d22d8edaff805e2db_NeikiAnalytics.exe
-
Size
3.9MB
-
Sample
240629-pwgzks1amp
-
MD5
f27d249fcd2da61d8cc70487604d8fd0
-
SHA1
fb2e59f60a39c49feb4e7c4e6f2c7a82695cf037
-
SHA256
abe15508c788b87c459d40b5591b2ae5f34c987612bf055d22d8edaff805e2db
-
SHA512
d9c1d9319081cf33900e456cf0975f9ab356b3d2fbe1d43113d4e184342ca5b02472c439f2edd5272ad27f3a57a955dde7e3f05e487e3acfdd043d4e1d554b39
-
SSDEEP
98304:8lX3KMj7yBNUVPhd5G0Z5DxdM3hZpmBAlB6D4tyX6kuT4IkQApCgvms0Cv05J5Cz:8lX3KMj7yBNUVPhd5G0Z5DxdM3hZpmBz
Static task
static1
Behavioral task
behavioral1
Sample
abe15508c788b87c459d40b5591b2ae5f34c987612bf055d22d8edaff805e2db_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
abe15508c788b87c459d40b5591b2ae5f34c987612bf055d22d8edaff805e2db_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
abe15508c788b87c459d40b5591b2ae5f34c987612bf055d22d8edaff805e2db_NeikiAnalytics.exe
-
Size
3.9MB
-
MD5
f27d249fcd2da61d8cc70487604d8fd0
-
SHA1
fb2e59f60a39c49feb4e7c4e6f2c7a82695cf037
-
SHA256
abe15508c788b87c459d40b5591b2ae5f34c987612bf055d22d8edaff805e2db
-
SHA512
d9c1d9319081cf33900e456cf0975f9ab356b3d2fbe1d43113d4e184342ca5b02472c439f2edd5272ad27f3a57a955dde7e3f05e487e3acfdd043d4e1d554b39
-
SSDEEP
98304:8lX3KMj7yBNUVPhd5G0Z5DxdM3hZpmBAlB6D4tyX6kuT4IkQApCgvms0Cv05J5Cz:8lX3KMj7yBNUVPhd5G0Z5DxdM3hZpmBz
Score10/10-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-