Overview

overview

10

Static

static

10

8b9c845ecd...cs.exe

windows7-x64

10

8b9c845ecd...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8b9c845ecd21637447293e88f26b40d0_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240518-ex5rxsbg26

  • MD5

    8b9c845ecd21637447293e88f26b40d0

  • SHA1

    b0900ec476c8701ef35ad932a1f992d7cc6d7ec8

  • SHA256

    1e4f0fbe1c1d4a7d3df413acd206b44095172b5df564278267a14eed1b214fd6

  • SHA512

    98a21e880bbabbe12cf31b4feb9ca6964983f05a7204a2eb6bd987fead5cc6569632e28fa4bf77afccd18179e920175ce581a24654a0e4fd98797815f26e4076

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StnOK:BemTLkNdfE0pZrwI

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      8b9c845ecd21637447293e88f26b40d0_NeikiAnalytics.exe

    • Size

      1.9MB

    • MD5

      8b9c845ecd21637447293e88f26b40d0

    • SHA1

      b0900ec476c8701ef35ad932a1f992d7cc6d7ec8

    • SHA256

      1e4f0fbe1c1d4a7d3df413acd206b44095172b5df564278267a14eed1b214fd6

    • SHA512

      98a21e880bbabbe12cf31b4feb9ca6964983f05a7204a2eb6bd987fead5cc6569632e28fa4bf77afccd18179e920175ce581a24654a0e4fd98797815f26e4076

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StnOK:BemTLkNdfE0pZrwI

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks