General

  • Target

    6fb3dfbb97e866e6d2e4e014e4771480_NeikiAnalytics.exe

  • Size

    1.8MB

  • Sample

    240613-k6srlswemr

  • MD5

    6fb3dfbb97e866e6d2e4e014e4771480

  • SHA1

    6c4cdc5fd490b056244e05286a418d631a2a73ea

  • SHA256

    976d12a5ea6cac55ed895a4d43f528114cb502172e30c117ae72bec9ccaff0e4

  • SHA512

    6e89d19df21988ea12c6320c3f1bfa3e33d3b0fa3a7c09f3f5945dad51fbaf6f6c14c0818a2c75abeb689165fe886d7d2668a409405bd9c41bfc8577c87c15eb

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkipfzaCtNcQcAupQF4g6FReQwUzN6Rf0Zra+Jsa:Lz071uv4BPMki8CnfZFOzZu4

Malware Config

Targets

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix (ATT&CK v13)

Execution

  • Command and Scripting Interpreter (T1059): 1

  • PowerShell (T1059.001): 1
