General
-
Target
c48460792b83e67fd46dd56e1254f380_NeikiAnalytics
-
Size
1.9MB
-
Sample
240510-mjyepacg74
-
MD5
c48460792b83e67fd46dd56e1254f380
-
SHA1
43896f6cc1ed097f86d98ce35897c3d749f8dab4
-
SHA256
cac1b37451318c0847a92f2fd89e4daba3a814bcd0fc7f8a3b61cc21d15a3fd6
-
SHA512
0b850da23cbc4cd1d528c281240111672033e012bb66a7a88e3c42ab640647e1ffa24a9deb975722e6bd0704bcf35b0e3832c878fdd1a9f5ebc52a294f8bdc17
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkipBh8tGxHIBWGlTqTmo6OZXbPbPIdkq8T91EQQsAF:Lz071uv4BPMkiFGlvETbvpEy6gi
Malware Config
Targets
-
-
Target
c48460792b83e67fd46dd56e1254f380_NeikiAnalytics
-
Size
1.9MB
-
MD5
c48460792b83e67fd46dd56e1254f380
-
SHA1
43896f6cc1ed097f86d98ce35897c3d749f8dab4
-
SHA256
cac1b37451318c0847a92f2fd89e4daba3a814bcd0fc7f8a3b61cc21d15a3fd6
-
SHA512
0b850da23cbc4cd1d528c281240111672033e012bb66a7a88e3c42ab640647e1ffa24a9deb975722e6bd0704bcf35b0e3832c878fdd1a9f5ebc52a294f8bdc17
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PMkipBh8tGxHIBWGlTqTmo6OZXbPbPIdkq8T91EQQsAF:Lz071uv4BPMkiFGlvETbvpEy6gi
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-