General

  • Target

    365a888e21f17fd805cc3f7832b575d0_NEIKI

  • Size

    1.9MB

  • Sample

    240508-yycx3sdc4x

  • MD5

    365a888e21f17fd805cc3f7832b575d0

  • SHA1

    01602ad18c9b64ecf1b817bb51b90b00b33eecb8

  • SHA256

    91ae760d065ef71217efa1034d3d73a3b083f46aa444deb3b52788242c4e77ac

  • SHA512

    501185ed374985cc654df5b55ff0368a5679e2f43d10ba4d6ba5088e485aeaf2028c1e47027e495f233bb2e9fc4ae23a1d6eca5bfa672ee44161dedc960b287a

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pPg8dOP:NABy

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
