General

  • Target

    414374feb07dd96ebe8af6256db984d0_NeikiAnalytics.exe

  • Size

    2.0MB

  • Sample

    240605-gfvxhaff5z

  • MD5

    414374feb07dd96ebe8af6256db984d0

  • SHA1

    6feed79b77495cbe5aa45e45d2a00c3545132cb8

  • SHA256

    4451ea9ddb042e7f3866f67213f9b6ab54d4e4a138a8760cac06f6ea20d9fd43

  • SHA512

    fa0165230b37cb79c8a0c35ea6aa1bb1d88f74f974703cc8cf73fc9212c91ee36de5c255de76233f3300102f3de5d75dd36727d34388f681e08e525d19c08e52

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StbG:oemTLkNdfE0pZrwN

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
