General
- Target: 4b9dd759c97fcb85fd45a3a5884b122b6a627c187e6bb8873d686c7f7d7b5ffb_NeikiAnalytics.exe
- Size: 3.6MB
- Sample: 240701-mrwk3axaka
- MD5: 501462357d48a4ff3b742f44db5fc9d0
- SHA1: 7eca3b7560fe83774d84dce9838512e31b21dbc3
- SHA256: 4b9dd759c97fcb85fd45a3a5884b122b6a627c187e6bb8873d686c7f7d7b5ffb
- SHA512: afde5c1d8e4531c07780b1828b9ed55f234d4d67672d5305c33da90d1e56eb0bec39443d423a5f3861264e6fe05f3666c6915b3a2457817bcaa755572c96072d
- SSDEEP: 98304:ICYU7jZ+FLOTb1Lq7oDH0w49sRLr3W5ONd:3v7jZkOXFiA0pOeOH
Behavioral task: behavioral1
- Sample: 4b9dd759c97fcb85fd45a3a5884b122b6a627c187e6bb8873d686c7f7d7b5ffb_NeikiAnalytics.exe
- Resource: win7-20240611-en
Malware Config
Targets
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger