General
-
Target
4ad0f829cafc58eb5a0f61ef642e3ff0_NeikiAnalytics.exe
-
Size
3.7MB
-
Sample
240522-19r79abb77
-
MD5
4ad0f829cafc58eb5a0f61ef642e3ff0
-
SHA1
cacabb7ef42a0d57b7f2545f85cfe4ae10602863
-
SHA256
3a8e0ad1aef45078317e3475d62fd8af84d50ebd58a5999eb56fec238039daf9
-
SHA512
39e8e70659deb347084ba5ac74d79a6c731da5c5b0f072a0bf2c45076e8e861b60505af293fdc96e818b348bddd24c75f92e74929f3a5229efd905b0e819bac6
-
SSDEEP
98304:81UDBqkepq5aOd2h3rirfXzjvLbMgutSMXps:8gBqpqokSOrfXzdaSMXK
Malware Config
Targets
-
-
Target
4ad0f829cafc58eb5a0f61ef642e3ff0_NeikiAnalytics.exe
-
Size
3.7MB
-
MD5
4ad0f829cafc58eb5a0f61ef642e3ff0
-
SHA1
cacabb7ef42a0d57b7f2545f85cfe4ae10602863
-
SHA256
3a8e0ad1aef45078317e3475d62fd8af84d50ebd58a5999eb56fec238039daf9
-
SHA512
39e8e70659deb347084ba5ac74d79a6c731da5c5b0f072a0bf2c45076e8e861b60505af293fdc96e818b348bddd24c75f92e74929f3a5229efd905b0e819bac6
-
SSDEEP
98304:81UDBqkepq5aOd2h3rirfXzjvLbMgutSMXps:8gBqpqokSOrfXzdaSMXK
Score9/10-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Themida packer
Detects Themida, an advanced Windows software protection system.
-
Checks whether UAC is enabled
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-