General

  • Target

    8cbbdd52e91a9e0c051eccfb73371080_NeikiAnalytics.exe

  • Size

    1.7MB

  • Sample

    240523-z8c69shb2x

  • MD5

    8cbbdd52e91a9e0c051eccfb73371080

  • SHA1

    02516c69bae11a9624ae5066433a378d272edc53

  • SHA256

    76d7a115e268c10346758ebd99179dbf022278fcc4fd2641eb80ec740d6f385d

  • SHA512

    8504585ca9bb4cd34ac7cc2ac50c943b7e4f84466595f5b4dddc67c5e55ad78995d9d3a723875730d4cf27619468f792cbb597a79e5639280efe5e26e16bb183

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIRxj4c5yOBQP4Z5EXL0eK:GemTLkNdfE0pZaN

Score
10/10

Targets

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL
