General
-
Target
2f847ab10e624d7cdde22b682216df60_NeikiAnalytics.exe
-
Size
5.0MB
-
Sample
240605-dgnm2acc7y
-
MD5
2f847ab10e624d7cdde22b682216df60
-
SHA1
ca4b0666767393d16851361dda3075171fcc7bde
-
SHA256
65207ed4cb17ed6c9498a67f72897541f723931b07045adcc53e87f013ccb3fb
-
SHA512
f092dc1ee1f054df797dc96a18b8887d570339fcdf9bad96ecbf1e660a9a59a75ce3d7385f08fbf88293e5d164a78587a8301c977ca7c4847303230dd734b47b
-
SSDEEP
98304:N390+hC+IQgEzeCUd6crFOr5dCsLdzyv+9+GxoWbTExHHEXEWr2u4v:d5ITEzeVjFOr5drxzwG2WqkXEW
Behavioral task
behavioral1
Sample
2f847ab10e624d7cdde22b682216df60_NeikiAnalytics.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
2f847ab10e624d7cdde22b682216df60_NeikiAnalytics.exe
-
Size
5.0MB
-
MD5
2f847ab10e624d7cdde22b682216df60
-
SHA1
ca4b0666767393d16851361dda3075171fcc7bde
-
SHA256
65207ed4cb17ed6c9498a67f72897541f723931b07045adcc53e87f013ccb3fb
-
SHA512
f092dc1ee1f054df797dc96a18b8887d570339fcdf9bad96ecbf1e660a9a59a75ce3d7385f08fbf88293e5d164a78587a8301c977ca7c4847303230dd734b47b
-
SSDEEP
98304:N390+hC+IQgEzeCUd6crFOr5dCsLdzyv+9+GxoWbTExHHEXEWr2u4v:d5ITEzeVjFOr5drxzwG2WqkXEW
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Loads dropped DLL
-
Obfuscated with Agile.Net obfuscator
Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
-