General

  • Target

    67e855ee5594a4285f795728fb763440_NeikiAnalytics.exe

  • Size

    1.7MB

  • Sample

    240525-q3wa8aef2x

  • MD5

    67e855ee5594a4285f795728fb763440

  • SHA1

    0957f6e0daecc7963a2556b71df049368aea7c51

  • SHA256

    109f7e7b06c93202a0c120c454a718c911958025d1fda64b588927ea23aed53c

  • SHA512

    fd7dc27d94c5583dcb6d7295ae94529b03242fb81803e045457720f350ffe37fbd8f28ead8aa6d213e654312afff4063bce1e028b207654bf0beb7d9e032e38f

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkiptb8q33F1QeQthKJAc+StNfN3IvGIcveRO8JqU1Q:Lz071uv4BPMkivwSbaMYPcyO8GYE4S

Malware Config

Targets

    • Target

      67e855ee5594a4285f795728fb763440_NeikiAnalytics.exe

    • Size

      1.7MB

    • MD5

      67e855ee5594a4285f795728fb763440

    • SHA1

      0957f6e0daecc7963a2556b71df049368aea7c51

    • SHA256

      109f7e7b06c93202a0c120c454a718c911958025d1fda64b588927ea23aed53c

    • SHA512

      fd7dc27d94c5583dcb6d7295ae94529b03242fb81803e045457720f350ffe37fbd8f28ead8aa6d213e654312afff4063bce1e028b207654bf0beb7d9e032e38f

    • SSDEEP

      24576:zv3/fTLF671TilQFG4P5PMkiptb8q33F1QeQthKJAc+StNfN3IvGIcveRO8JqU1Q:Lz071uv4BPMkivwSbaMYPcyO8GYE4S

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks