General

  • Target

    bef7bdabcc91a2c7f223f60011a37b80_NeikiAnalytics.exe

  • Size

    1.8MB

  • Sample

    240614-pjct4atgrn

  • MD5

    bef7bdabcc91a2c7f223f60011a37b80

  • SHA1

    7ffc19d148c1f395980c3466d79435e541b55bd1

  • SHA256

    85de902a28f74c8f8839630ac45fe16a0e48afdd4cadfb2d80ae566c251bf849

  • SHA512

    294b98bc857ce1c86e163a5a44e01cbf5316fff5a956e0c5e439b6e2f6182ee9f6ff924d8cad319fec27481c5f02e1d66d88d75346f90104324abe139e9eda7f

  • SSDEEP

    49152:Lz071uv4BPMkHC0IaSEzQR4iRFlX+IAD5qOp2:NABO

Malware Config

Targets

    • Target

      bef7bdabcc91a2c7f223f60011a37b80_NeikiAnalytics.exe

    • Size

      1.8MB

    • MD5

      bef7bdabcc91a2c7f223f60011a37b80

    • SHA1

      7ffc19d148c1f395980c3466d79435e541b55bd1

    • SHA256

      85de902a28f74c8f8839630ac45fe16a0e48afdd4cadfb2d80ae566c251bf849

    • SHA512

      294b98bc857ce1c86e163a5a44e01cbf5316fff5a956e0c5e439b6e2f6182ee9f6ff924d8cad319fec27481c5f02e1d66d88d75346f90104324abe139e9eda7f

    • SSDEEP

      49152:Lz071uv4BPMkHC0IaSEzQR4iRFlX+IAD5qOp2:NABO

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks