Overview

overview

10

Static

static

10

c753cd3dc8...cs.exe

windows7-x64

10

c753cd3dc8...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c753cd3dc81b1fd5f52deaec38075140_NeikiAnalytics.exe

  • Size

    2.1MB

  • Sample

    240519-qh3jssab53

  • MD5

    c753cd3dc81b1fd5f52deaec38075140

  • SHA1

    708de64e6e91477b556a78a15d14c8e923e378f6

  • SHA256

    bb07be9a42373c033e9290d777532cfd8f976eb663cb1e85077201e41696f4d5

  • SHA512

    1b4a37ccbdf820fd868b64a5b013ed53439ae97564e76c4ac86bc5ee84e77b1133190f91bc6f53e38190efa3e8ed10d76b1c9452cf363ceb2f47fcb5471ac4e5

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcI+2zTyjs:BemTLkNdfE0pZrwC

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      c753cd3dc81b1fd5f52deaec38075140_NeikiAnalytics.exe

    • Size

      2.1MB

    • MD5

      c753cd3dc81b1fd5f52deaec38075140

    • SHA1

      708de64e6e91477b556a78a15d14c8e923e378f6

    • SHA256

      bb07be9a42373c033e9290d777532cfd8f976eb663cb1e85077201e41696f4d5

    • SHA512

      1b4a37ccbdf820fd868b64a5b013ed53439ae97564e76c4ac86bc5ee84e77b1133190f91bc6f53e38190efa3e8ed10d76b1c9452cf363ceb2f47fcb5471ac4e5

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcI+2zTyjs:BemTLkNdfE0pZrwC

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks