General

  • Target

    251111af8146506563f256e98c4debe0_NeikiAnalytics.exe

  • Size

    2.0MB

  • Sample

    240611-dd8h2asdmj

  • MD5

    251111af8146506563f256e98c4debe0

  • SHA1

    77481808c100a923b1005a0bd9cac943de933e6d

  • SHA256

    86344749ce8fa108dfc952b2a85f9c43d7e195a65a7701029ae575a5fb803bb4

  • SHA512

    fb68cf2cc77547327265cfebdbf06b09b8ce1b5351e53be0349ec33a3f5e05bbaf0a40b48f4c346d4e048fc915d105f0d13a8a17f71be50f89dc7f4fd2634da2

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StUE:oemTLkNdfE0pZrwG

Malware Config

Targets

    • Target

      251111af8146506563f256e98c4debe0_NeikiAnalytics.exe

    • Size

      2.0MB

    • MD5

      251111af8146506563f256e98c4debe0

    • SHA1

      77481808c100a923b1005a0bd9cac943de933e6d

    • SHA256

      86344749ce8fa108dfc952b2a85f9c43d7e195a65a7701029ae575a5fb803bb4

    • SHA512

      fb68cf2cc77547327265cfebdbf06b09b8ce1b5351e53be0349ec33a3f5e05bbaf0a40b48f4c346d4e048fc915d105f0d13a8a17f71be50f89dc7f4fd2634da2

    • SSDEEP

      49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6StUE:oemTLkNdfE0pZrwG

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks