General

  • Target

    2be3ebf7f40faab7223f4d4f916c7040_NeikiAnalytics.exe

  • Size

    2.3MB

  • Sample

    240529-chp2tafa82

  • MD5

    2be3ebf7f40faab7223f4d4f916c7040

  • SHA1

    5595384f82af7f3ef5dc5f9dcd0d1cc9e9d47e82

  • SHA256

    1c2fb74cdfe3992cbd5c12f10790e533d961e35142bdb4e207ca4550ec1687f7

  • SHA512

    00414da8173e3a968637e35998819336b4d7385dc42e3c6567b81a643bf92d65d70ccde2f00a50addb635fdf79c37886e1873f7a4ff8833e56c3af53f31383be

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEnmcKWnq0vljcI:BemTLkNdfE0pZrwP

Targets

    • Target

      2be3ebf7f40faab7223f4d4f916c7040_NeikiAnalytics.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
