Overview

overview

10

Static

static

10

d9e4513ecd...cs.exe

windows7-x64

10

d9e4513ecd...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    d9e4513ecdedb47567f1c67848631410_NeikiAnalytics

  • Size

    3.2MB

  • Sample

    240510-n69lxadb3x

  • MD5

    d9e4513ecdedb47567f1c67848631410

  • SHA1

    5c440bb9e52186d955459ed8a9a9f82f70e7cc33

  • SHA256

    44f222a4b5037e5850dbd126ef45cd034de7f6db42a37231237498788bc35a75

  • SHA512

    ded22cfd59488af9c88d344f8d699079f7cbdc13a098be63e40f8aa1743df1096a0c4ae52adc3e6f9ec97d3f4301022a8f59e9bd200f33bf6692ab95900ceb04

  • SSDEEP

    98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWy:SbBeSFkG

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      d9e4513ecdedb47567f1c67848631410_NeikiAnalytics

    • Size

      3.2MB

    • MD5

      d9e4513ecdedb47567f1c67848631410

    • SHA1

      5c440bb9e52186d955459ed8a9a9f82f70e7cc33

    • SHA256

      44f222a4b5037e5850dbd126ef45cd034de7f6db42a37231237498788bc35a75

    • SHA512

      ded22cfd59488af9c88d344f8d699079f7cbdc13a098be63e40f8aa1743df1096a0c4ae52adc3e6f9ec97d3f4301022a8f59e9bd200f33bf6692ab95900ceb04

    • SSDEEP

      98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrWy:SbBeSFkG

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks