General

  • Target

    1969cb6ea182ae4fdacec20a1ed2fb50_NeikiAnalytics.exe

  • Size

    1.8MB

  • Sample

    240610-rlgbeayeph

  • MD5

    1969cb6ea182ae4fdacec20a1ed2fb50

  • SHA1

    821a26a24890e8f1cb1d8e5ddcca6507b0129231

  • SHA256

    bf7865d71045ccd04531904b166689621ace7ad174637ca825ed805fdf3fdf7b

  • SHA512

    0b5b72258f1824a940dbccc4bdbeea1451da6766f847455b8adcc2cd889f68b842911d9de81aed1d10d5757402a5e7be1be9a8ae1c48f77a3c73960db111027b

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkyW1HU/ek5Q1szp5NnNvZWNChZ7fI+Dx8Uy7/lfDTS:Lz071uv4BPMkyW10/w16BvZXDx/0S/

Malware Config

Targets

    • Target

      1969cb6ea182ae4fdacec20a1ed2fb50_NeikiAnalytics.exe

    • Size

      1.8MB

    • MD5

      1969cb6ea182ae4fdacec20a1ed2fb50

    • SHA1

      821a26a24890e8f1cb1d8e5ddcca6507b0129231

    • SHA256

      bf7865d71045ccd04531904b166689621ace7ad174637ca825ed805fdf3fdf7b

    • SHA512

      0b5b72258f1824a940dbccc4bdbeea1451da6766f847455b8adcc2cd889f68b842911d9de81aed1d10d5757402a5e7be1be9a8ae1c48f77a3c73960db111027b

    • SSDEEP

      24576:zv3/fTLF671TilQFG4P5PMkyW1HU/ek5Q1szp5NnNvZWNChZ7fI+Dx8Uy7/lfDTS:Lz071uv4BPMkyW10/w16BvZXDx/0S/

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks