General

  • Target

    3d7ba050603b2591a1e629bd2e946350_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240529-eykhdaac6w

  • MD5

    3d7ba050603b2591a1e629bd2e946350

  • SHA1

    798da4ad910d0c2c3b42de218d1d116e41bcead2

  • SHA256

    9d49382cda59d02006b7d19e5681655297017ae89b6daaaadf30da34bad4a5c5

  • SHA512

    428a7dbe65042d6df58683fa22f402a9dfa1175a797abe06bdcaa2c11016fb63bae7e4fe32844db5172a39b34383a02f23f9b15588b574bc38f6ac8495edc7d8

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6SqCPGC6HZkIT/o+:RWWBiby/

Malware Config

Targets

    • Target

      3d7ba050603b2591a1e629bd2e946350_NeikiAnalytics.exe

    • Size

      1.9MB

    • MD5

      3d7ba050603b2591a1e629bd2e946350

    • SHA1

      798da4ad910d0c2c3b42de218d1d116e41bcead2

    • SHA256

      9d49382cda59d02006b7d19e5681655297017ae89b6daaaadf30da34bad4a5c5

    • SHA512

      428a7dbe65042d6df58683fa22f402a9dfa1175a797abe06bdcaa2c11016fb63bae7e4fe32844db5172a39b34383a02f23f9b15588b574bc38f6ac8495edc7d8

    • SSDEEP

      49152:ROdWCCi7/raZ5aIwC+Agr6SqCPGC6HZkIT/o+:RWWBiby/

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks