Overview

overview

10

Static

static

10

4603943879...cs.exe

windows7-x64

10

4603943879...cs.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    4603943879a891cb0fe9099d540ffc60_NeikiAnalytics

  • Size

    4.3MB

  • Sample

    240511-2xe8lafg68

  • MD5

    4603943879a891cb0fe9099d540ffc60

  • SHA1

    0297d570ea5d1eb6e5f09b088341bbbab5aff542

  • SHA256

    acd587f057302ca46cc55938226a53a8b4820e7f71b5717372fe7ea18bbeb60f

  • SHA512

    f7aeb9843f1db6c02029b4d3ffd1fd54b6f1d61db24d3afd4064e0b1ed8535fa5f3ec8bf197fa33285ff0fdb95f0ff8b0112b34082c15cca774b553bc33da086

  • SSDEEP

    98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrW2:SbBeSFka

Score
10/10
xmrigexecutionminerupx

Malware Config

Targets

    • Target

      4603943879a891cb0fe9099d540ffc60_NeikiAnalytics

    • Size

      4.3MB

    • MD5

      4603943879a891cb0fe9099d540ffc60

    • SHA1

      0297d570ea5d1eb6e5f09b088341bbbab5aff542

    • SHA256

      acd587f057302ca46cc55938226a53a8b4820e7f71b5717372fe7ea18bbeb60f

    • SHA512

      f7aeb9843f1db6c02029b4d3ffd1fd54b6f1d61db24d3afd4064e0b1ed8535fa5f3ec8bf197fa33285ff0fdb95f0ff8b0112b34082c15cca774b553bc33da086

    • SSDEEP

      98304:S1ONtyBeSFkXV1etEKLlWUTOfeiRA2R76zHrW2:SbBeSFka

    Score
    10/10
    xmrigexecutionminerupx

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Blocklisted process makes network request

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

      execution

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks