General

  • Target

    02515f0eaacbc6c0bcea0e2bf0609d30_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240601-195tcahd63

  • MD5

    02515f0eaacbc6c0bcea0e2bf0609d30

  • SHA1

    275925ab9d9ea5664689babfd2735a80a5786658

  • SHA256

    f96e5996b12c27ec24522d7fa8da5ffbb77e926029962fc30c3c66dca018d5e7

  • SHA512

    38bfea86920db8a139f919d8b048c516aee92589ccb960fab3f46f930391641c9994d0b3ee1e6fccba0ec01745ce193d65ff2d5542926c012400a0fdd12a3eb3

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6SqCPGC6HZkIT/W:RWWBiby+

Targets

    • Target

      02515f0eaacbc6c0bcea0e2bf0609d30_NeikiAnalytics.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
