General

  • Target

    137efbf58e0efe451ec07daa13efb9b0_NeikiAnalytics

  • Size

    9.5MB

  • Sample

    240512-qh2bqsgb81

  • MD5

    137efbf58e0efe451ec07daa13efb9b0

  • SHA1

    deb2b59f88f10afbfb67884db647cd63ac43c68a

  • SHA256

    410792d34eec5a22042252578d6671d26381eccc43c66270b862d2f0ec5a6d4a

  • SHA512

    526cc66f28bd9f770f278ac274870bcf6f93b0f30423ade3b70008dc83a4f555eef4e4850d8fa55c96cb506c3b9b2ac4ebe6d8e229b3dbe51d78f61b6e5826ad

  • SSDEEP

    196608:2E4AR2qKb4moOENQOJCfat0bCg/uI8G+nX/39xv:2ELR2q0dmjRkCgEG+nXT

Malware Config

Targets

    • Identifies VirtualBox via ACPI registry values (likely anti-VM)

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Checks whether UAC is enabled

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks