General

  • Target

    28db0d92c3ab3eac3fbfe70ff8460ad0_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240523-x8flaadd8x

  • MD5

    28db0d92c3ab3eac3fbfe70ff8460ad0

  • SHA1

    9b0ea695108d10d32a417915972ba27c31b753eb

  • SHA256

    e16b72fb5f0623211d3e2fff4be1690f9e50c00210e18d04b54224086e5c1932

  • SHA512

    04b7d199e9ba475b5e831761de7c90bf32961a4c73202f5d6cf24cd1047a54f1e8fa98b5301af33cad3ea612e64bfb5d81b35ba9cca47d3b7fd8111abb4f56ae

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4p+P3k:NABT

Malware Config

Targets

    • Target

      28db0d92c3ab3eac3fbfe70ff8460ad0_NeikiAnalytics.exe

    • Size

      1.9MB

    • MD5

      28db0d92c3ab3eac3fbfe70ff8460ad0

    • SHA1

      9b0ea695108d10d32a417915972ba27c31b753eb

    • SHA256

      e16b72fb5f0623211d3e2fff4be1690f9e50c00210e18d04b54224086e5c1932

    • SHA512

      04b7d199e9ba475b5e831761de7c90bf32961a4c73202f5d6cf24cd1047a54f1e8fa98b5301af33cad3ea612e64bfb5d81b35ba9cca47d3b7fd8111abb4f56ae

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5lCx7kvRWa4p+P3k:NABT

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks