Overview

overview

10

Static

static

10

3c116ec0c8...cs.exe

windows7-x64

10

3c116ec0c8...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3c116ec0c8d2fa8e393be2e3ac873a20_NeikiAnalytics.exe

  • Size

    1.5MB

  • Sample

    240603-tp4l8aca6s

  • MD5

    3c116ec0c8d2fa8e393be2e3ac873a20

  • SHA1

    6c90a931667d492a8d24a4817d28102a10ed4127

  • SHA256

    a4a817dcefa88197b255050bc35006e8ea14e4a6c1c5c1e9bde3fe984d7e855c

  • SHA512

    5eb1981ac4cc3cdb75cc4dfc9a4bc79d296d14dd75f3557fd1f5e8d4149037b9be64c9839ffc5542adcb86260f4a5e87ae3877604109c784b227ba25e79ae7ec

  • SSDEEP

    49152:ROdWCCi7/raZ5aIwC+Agr6g81p1vsrNi149:RWWBibyI

Score
10/10
kpotxmrigminerstealertrojanupx

Malware Config

Targets

    • Target

      3c116ec0c8d2fa8e393be2e3ac873a20_NeikiAnalytics.exe

    • Size

      1.5MB

    • MD5

      3c116ec0c8d2fa8e393be2e3ac873a20

    • SHA1

      6c90a931667d492a8d24a4817d28102a10ed4127

    • SHA256

      a4a817dcefa88197b255050bc35006e8ea14e4a6c1c5c1e9bde3fe984d7e855c

    • SHA512

      5eb1981ac4cc3cdb75cc4dfc9a4bc79d296d14dd75f3557fd1f5e8d4149037b9be64c9839ffc5542adcb86260f4a5e87ae3877604109c784b227ba25e79ae7ec

    • SSDEEP

      49152:ROdWCCi7/raZ5aIwC+Agr6g81p1vsrNi149:RWWBibyI

    Score
    10/10
    kpotxmrigminerstealertrojanupx

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks