General
-
Target
137efbf58e0efe451ec07daa13efb9b0_NeikiAnalytics
-
Size
9.5MB
-
Sample
240512-qh2bqsgb81
-
MD5
137efbf58e0efe451ec07daa13efb9b0
-
SHA1
deb2b59f88f10afbfb67884db647cd63ac43c68a
-
SHA256
410792d34eec5a22042252578d6671d26381eccc43c66270b862d2f0ec5a6d4a
-
SHA512
526cc66f28bd9f770f278ac274870bcf6f93b0f30423ade3b70008dc83a4f555eef4e4850d8fa55c96cb506c3b9b2ac4ebe6d8e229b3dbe51d78f61b6e5826ad
-
SSDEEP
196608:2E4AR2qKb4moOENQOJCfat0bCg/uI8G+nX/39xv:2ELR2q0dmjRkCgEG+nXT
Behavioral task
behavioral1
Sample
137efbf58e0efe451ec07daa13efb9b0_NeikiAnalytics.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
137efbf58e0efe451ec07daa13efb9b0_NeikiAnalytics
-
Size
9.5MB
-
MD5
137efbf58e0efe451ec07daa13efb9b0
-
SHA1
deb2b59f88f10afbfb67884db647cd63ac43c68a
-
SHA256
410792d34eec5a22042252578d6671d26381eccc43c66270b862d2f0ec5a6d4a
-
SHA512
526cc66f28bd9f770f278ac274870bcf6f93b0f30423ade3b70008dc83a4f555eef4e4850d8fa55c96cb506c3b9b2ac4ebe6d8e229b3dbe51d78f61b6e5826ad
-
SSDEEP
196608:2E4AR2qKb4moOENQOJCfat0bCg/uI8G+nX/39xv:2ELR2q0dmjRkCgEG+nXT
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-