General

  • Target

    2584c84c6e8c24c101af6833a1b6cee0_NeikiAnalytics.exe

  • Size

    3.0MB

  • Sample

    240612-hjk25stbnj

  • MD5

    2584c84c6e8c24c101af6833a1b6cee0

  • SHA1

    4a596d3bd574d7ca6af0bca52a519e7bc4655ac7

  • SHA256

    4a676adba97eeb5a486d41c17588e5ce29193d9b8d69dd3f4314cf9fcafae9c0

  • SHA512

    af8b6c5c797fbad34fa0df86fc7aafee6746913a653e285c52e0a900845de22b4254b41dd919dcab7e35ac488d58db2c1cc11b60ae89ea38b5030538ba8a7e11

  • SSDEEP

    49152:71G1NtyBwTI3ySZbrkXV1etEKLlWUTOfeiRA2R76zHrWax9hMkHC0I6Gz3N1pHVD:71ONtyBeSFkXV1etEKLlWUTOfeiRA2Rp

Malware Config

Targets

    • Target

      2584c84c6e8c24c101af6833a1b6cee0_NeikiAnalytics.exe

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke-WebRequest.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks