General

  • Target

    2790bb43e622eb0eae0c92376d7ba0d0_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240602-c7mmzsgb81

  • MD5

    2790bb43e622eb0eae0c92376d7ba0d0

  • SHA1

    e1e9943a5983b852a6c9efe707242780d07029ec

  • SHA256

    62e931c6e56b8149fe979b7f46ba4347206d483ad86d12c900139120e04a3348

  • SHA512

    94ec50c893cfdb17ae467b0ae305ca7f3e03073b64e7b51cc6e9b5948333cc972b21adbed81c5ecf0577d9a51174a83d2cf74bec78abd76a9a45374a165459a6

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FFC+klF:GemTLkNdfE0pZaQf

Targets

    • Target

      2790bb43e622eb0eae0c92376d7ba0d0_NeikiAnalytics.exe

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL
