General
-
Target
1b38015db059780ef6a59307deb2deb8a75dc06d4e14b91ae511f0b72327abcd_NeikiAnalytics.exe
-
Size
110KB
-
Sample
240625-2f53pazenr
-
MD5
bc98184553877c8c61f96cdc8c2de820
-
SHA1
8db5150ef1c912ec846de52b3b2c957d85114c81
-
SHA256
1b38015db059780ef6a59307deb2deb8a75dc06d4e14b91ae511f0b72327abcd
-
SHA512
9fbeab6968be99513c10921cd1d0f7b423aeb4badc3c665e9da068a1c86aed8b148f0682190e6aa3363eb9672506cb0d435dff385928d903802ed3b0e7d623b5
-
SSDEEP
1536:bLXB65939tY6HBg4sXJ1UviBhkohVKJjFhaLeT99+eLnVtUviBhkohVKJjFhvOc4:bLk395hYXJ1UvUWXsP2nvUvUWX8CE
Static task
static1
Behavioral task
behavioral1
Sample
1b38015db059780ef6a59307deb2deb8a75dc06d4e14b91ae511f0b72327abcd_NeikiAnalytics.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
1b38015db059780ef6a59307deb2deb8a75dc06d4e14b91ae511f0b72327abcd_NeikiAnalytics.exe
-
Banload
Banload variants download malicious files, then install and execute the files.
-
Identifies VirtualBox via ACPI registry values (likely anti-VM)
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Downloads MZ/PE file