General

  • Target

    90294ee27d1073ab54ebc72ae429f090_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240523-1jvkpahg67

  • MD5

    90294ee27d1073ab54ebc72ae429f090

  • SHA1

    dc47a05368f3f10190f47474d202e75645ea1c22

  • SHA256

    d386432590f8c86284b7f23af7ec20567c4c521e381a0e15967b7b598aa9b42f

  • SHA512

    052819da37bf987a0392bbd9fe19466be688e546f6b5015102ca6bc0dfa19059e8181559843d13de6b160902bd7444df5643e29823ce32ee7f41d6fc72a74499

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wISK9NcHa6S5uJb:BemTLkNdfE0pZr6

Score
10/10

Targets

    • Target

      90294ee27d1073ab54ebc72ae429f090_NeikiAnalytics.exe

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
