Overview

overview

10

Static

static

10

43fcd32087...cs.exe

windows7-x64

10

43fcd32087...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    43fcd320878011174835eb83786f82c0_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240602-gn2p1sdb4y

  • MD5

    43fcd320878011174835eb83786f82c0

  • SHA1

    cc4588cf9d57168b2e4cab72ace7a52d42c9cdd9

  • SHA256

    2810396308dc9c5ef46a2da640a050a27974effb11793c026da03e0ab6b0674c

  • SHA512

    3fd4dc54bb4b2c1bc2863d4fc8a8d634910207edd2aa3ef14dc94196db4da8f33dabb7c52302ad2d09ba5c3a722ec0b2360aeae686c69d41cf241d8b62fa8541

  • SSDEEP

    49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEn0ks6:BemTLkNdfE0pZrwV

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      43fcd320878011174835eb83786f82c0_NeikiAnalytics.exe

    • Size

      1.9MB

    • MD5

      43fcd320878011174835eb83786f82c0

    • SHA1

      cc4588cf9d57168b2e4cab72ace7a52d42c9cdd9

    • SHA256

      2810396308dc9c5ef46a2da640a050a27974effb11793c026da03e0ab6b0674c

    • SHA512

      3fd4dc54bb4b2c1bc2863d4fc8a8d634910207edd2aa3ef14dc94196db4da8f33dabb7c52302ad2d09ba5c3a722ec0b2360aeae686c69d41cf241d8b62fa8541

    • SSDEEP

      49152:BezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StVEn0ks6:BemTLkNdfE0pZrwV

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks