General

  • Target

    be15ac74a3dc37f31d6a6f279aa73d70_NeikiAnalytics.exe

  • Size

    1.1MB

  • Sample

    240614-paembszend

  • MD5

    be15ac74a3dc37f31d6a6f279aa73d70

  • SHA1

    da304fb931f5d6da027a0152d6215442d85d427f

  • SHA256

    b0a3f55d6041159af8bd6d218e3cd759fa3fcbdc0ec2ffa5770d11dd30cc24ab

  • SHA512

    b116e79678e6c791571f5cc9da738c2e1c5bfb0657b43016f453642180715cee9d888693055dec91b4e94c3b71ec67ce5e5e29e462c14188121e22b187aa8d5a

  • SSDEEP

    24576:GezaTnG99Q8FcNrpyNdfE0bLBgDOp2iSLz9LbBwlKenszl66X21XT1:GezaTF8FcNkNdfE0pZ9oztFwIRy11

Score
10/10

Targets

    • Target

      be15ac74a3dc37f31d6a6f279aa73d70_NeikiAnalytics.exe

    Score
    10/10
    • Suspicious use of NtCreateUserProcessOtherParentProcess

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
