General

  • Target

    d288f453ca6d1734d4836a9ae4544030_NeikiAnalytics.exe

  • Size

    1.4MB

  • Sample

    240519-rfw5nsbd21

  • MD5

    d288f453ca6d1734d4836a9ae4544030

  • SHA1

    1f1dee39fb11fb31714e1c082cfca73ba5987386

  • SHA256

    70ea633971829fc255db1e853ee70cfc3e3f06bd7e2e16ea463b5ce590007b93

  • SHA512

    747093cb32f4cae762bd4ddafd94d62ebf055639e916cffc3ba11cfac57e6f29483b356bebcdd731d9128bfefc73fb84cf7627e64288b9b8641694598b0ab108

  • SSDEEP

    24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSM6w:ROdWCCi7/raZ5aIwC+Agr6SN5

Malware Config

Targets

    • Target

      d288f453ca6d1734d4836a9ae4544030_NeikiAnalytics.exe

    • Size

      1.4MB

    • MD5

      d288f453ca6d1734d4836a9ae4544030

    • SHA1

      1f1dee39fb11fb31714e1c082cfca73ba5987386

    • SHA256

      70ea633971829fc255db1e853ee70cfc3e3f06bd7e2e16ea463b5ce590007b93

    • SHA512

      747093cb32f4cae762bd4ddafd94d62ebf055639e916cffc3ba11cfac57e6f29483b356bebcdd731d9128bfefc73fb84cf7627e64288b9b8641694598b0ab108

    • SSDEEP

      24576:RVIl/WDGCi7/qkat6Q5aILMCfmAUjzX6xQ0+wCIygDsAUSM6w:ROdWCCi7/raZ5aIwC+Agr6SN5

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks