Overview

overview

10

Static

static

10

157a5a1119...cs.exe

windows7-x64

10

157a5a1119...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    157a5a11192f26593de4f372e7b60b06a56e0e176b57f09cbac974dc0b6d6835_NeikiAnalytics.exe

  • Size

    2.1MB

  • Sample

    240622-2dg8va1fjn

  • MD5

    c13bb10a26c0145e957c6197c5333750

  • SHA1

    110eb9cc0890e150f08ce846962736648569a4af

  • SHA256

    157a5a11192f26593de4f372e7b60b06a56e0e176b57f09cbac974dc0b6d6835

  • SHA512

    0c52f8f1a3a6cdea77b921bf0db863b566773ab35cadf1d31377a40f883e9288522249b0ae2fee4312f677aa75ab83c5027dc80ca009658e37150579975c4862

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2P1V:GemTLkNdfE0pZaQj

Score
10/10
kpotxmrigminerstealertrojan

Malware Config

Targets

    • Target

      157a5a11192f26593de4f372e7b60b06a56e0e176b57f09cbac974dc0b6d6835_NeikiAnalytics.exe

    • Size

      2.1MB

    • MD5

      c13bb10a26c0145e957c6197c5333750

    • SHA1

      110eb9cc0890e150f08ce846962736648569a4af

    • SHA256

      157a5a11192f26593de4f372e7b60b06a56e0e176b57f09cbac974dc0b6d6835

    • SHA512

      0c52f8f1a3a6cdea77b921bf0db863b566773ab35cadf1d31377a40f883e9288522249b0ae2fee4312f677aa75ab83c5027dc80ca009658e37150579975c4862

    • SSDEEP

      49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2P1V:GemTLkNdfE0pZaQj

    Score
    10/10
    kpotxmrigminerstealertrojan

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks