Overview

overview

10

Static

static

10

fe1070be77...KI.exe

windows7-x64

10

fe1070be77...KI.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    fe1070be77bb739ebc8038978ba3aec0_NEIKI

  • Size

    3.2MB

  • Sample

    240509-fvq2esce5x

  • MD5

    fe1070be77bb739ebc8038978ba3aec0

  • SHA1

    b28727cbc504fdc31dafc538e96c3b557ed427f1

  • SHA256

    0945f63aec42ab29af3c94a75e8be3fd56bae05a4eb9a0c495c52130b575bf92

  • SHA512

    b23bb63bb2f8a68e742a1f490bf884741da0904f271ce309abbc1e2169705b0f44d4d72ede3e33d9b3e27b41872741fc0fbd4ab47a1c82fcf78ef226a5fd7893

  • SSDEEP

    98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWY:SbBeSFk8

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      fe1070be77bb739ebc8038978ba3aec0_NEIKI

    • Size

      3.2MB

    • MD5

      fe1070be77bb739ebc8038978ba3aec0

    • SHA1

      b28727cbc504fdc31dafc538e96c3b557ed427f1

    • SHA256

      0945f63aec42ab29af3c94a75e8be3fd56bae05a4eb9a0c495c52130b575bf92

    • SHA512

      b23bb63bb2f8a68e742a1f490bf884741da0904f271ce309abbc1e2169705b0f44d4d72ede3e33d9b3e27b41872741fc0fbd4ab47a1c82fcf78ef226a5fd7893

    • SSDEEP

      98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWY:SbBeSFk8

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks