General

  • Target

    bef0adfa60551944a9c885aa76a4cfa0_NeikiAnalytics.exe

  • Size

    1.3MB

  • Sample

    240614-ph3zwstgqp

  • MD5

    bef0adfa60551944a9c885aa76a4cfa0

  • SHA1

    83e2a80fc508f8fd9f97d1a96543332ea246b2a6

  • SHA256

    282cf90183e10242eb5dbe2d91b9dac6291eddf54ce023d5d41effc9b9747c92

  • SHA512

    9cb13e8ee233464184005154ce998a361e65796999bcfaaa5c86d213ba17de0ffe995b0f2441f0ef6b6c8eb19aaba33610a829ea84b05b5abc2790097c3583d0

  • SSDEEP

    24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWYsfLGrAvWWXkCRgx6nU8Uywjbwt:Lz071uv4BPMkibTIA5sf6r+W4AQaAJ

Malware Config

Targets

    • Target

      bef0adfa60551944a9c885aa76a4cfa0_NeikiAnalytics.exe

    • Size

      1.3MB

    • MD5

      bef0adfa60551944a9c885aa76a4cfa0

    • SHA1

      83e2a80fc508f8fd9f97d1a96543332ea246b2a6

    • SHA256

      282cf90183e10242eb5dbe2d91b9dac6291eddf54ce023d5d41effc9b9747c92

    • SHA512

      9cb13e8ee233464184005154ce998a361e65796999bcfaaa5c86d213ba17de0ffe995b0f2441f0ef6b6c8eb19aaba33610a829ea84b05b5abc2790097c3583d0

    • SSDEEP

      24576:zv3/fTLF671TilQFG4P5PMkibTJH+2Q/ynKeWYsfLGrAvWWXkCRgx6nU8Uywjbwt:Lz071uv4BPMkibTIA5sf6r+W4AQaAJ

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks