General
-
Target
4b57079841211c3373e8bbce31ef2ddd9fd2bf416788e62fd3527aabf4d4fbf9_NeikiAnalytics.exe
-
Size
4.7MB
-
Sample
240701-mpke1swgpg
-
MD5
ea47a71d237dee5c2ff5786bad9b5280
-
SHA1
f64c489b5bf9215419a917449b07f08d45610eb7
-
SHA256
4b57079841211c3373e8bbce31ef2ddd9fd2bf416788e62fd3527aabf4d4fbf9
-
SHA512
c270d8fb255b5c0aa2a6565ea20d775356d94bea0094debddfc8024e360ff95c849df488eb10e2741511199d1c000d615487b55ede3924e9aedcbb0b912c8b25
-
SSDEEP
98304:dy53AUhplQIpPWPyfTrVMBmcbyJNjL5etEkmwhGRis0Io:dDULlPWq/CBJGHSdmwhGRo
Malware Config
Targets
-
-
Target
4b57079841211c3373e8bbce31ef2ddd9fd2bf416788e62fd3527aabf4d4fbf9_NeikiAnalytics.exe
-
Size
4.7MB
-
MD5
ea47a71d237dee5c2ff5786bad9b5280
-
SHA1
f64c489b5bf9215419a917449b07f08d45610eb7
-
SHA256
4b57079841211c3373e8bbce31ef2ddd9fd2bf416788e62fd3527aabf4d4fbf9
-
SHA512
c270d8fb255b5c0aa2a6565ea20d775356d94bea0094debddfc8024e360ff95c849df488eb10e2741511199d1c000d615487b55ede3924e9aedcbb0b912c8b25
-
SSDEEP
98304:dy53AUhplQIpPWPyfTrVMBmcbyJNjL5etEkmwhGRis0Io:dDULlPWq/CBJGHSdmwhGRo
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-