General
-
Target
6691cf4857ba05a9663c16664c90d560_NeikiAnalytics.exe
-
Size
3.2MB
-
Sample
240523-mzcg6adf9v
-
MD5
6691cf4857ba05a9663c16664c90d560
-
SHA1
e48f075270a932fc30718c7fa5d1ec9b0dc9a617
-
SHA256
c43259c7185b584d7658ad93454ae2208271f9a160f06bb9b7e58079d09237b2
-
SHA512
28273e4a765bfcacdd962bdcef98a923493be16a272dbc8dd430885d0bdcb54a2188721029449047cbee5fd5b8b03a1b63ab7214098a42fb8cc1e964b0b39c77
-
SSDEEP
98304:f/rdrQEKrkioT0Lg1VxydWhmSSCev63wYn5WA:xrQtkig1X2PCeUwo51
Behavioral task
behavioral1
Sample
6691cf4857ba05a9663c16664c90d560_NeikiAnalytics.dll
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
6691cf4857ba05a9663c16664c90d560_NeikiAnalytics.exe
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-