Overview

overview

10

Static

static

10

59c8b8b9ff...cs.exe

windows7-x64

10

59c8b8b9ff...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    59c8b8b9fffd175f4840464aeee1f8e192adb04ff9a50456b407b441dd16347f_NeikiAnalytics.exe

  • Size

    2.1MB

  • Sample

    240625-njjrzawhle

  • MD5

    8ad9b532e9950e985a8ade967ea18fa0

  • SHA1

    8db1987373df5ab49e1e5b5079e6d8b48e78c23a

  • SHA256

    59c8b8b9fffd175f4840464aeee1f8e192adb04ff9a50456b407b441dd16347f

  • SHA512

    5631d0665d7e25142c027e5209e34f07283f3ef4d272e488096b52870cdc1774c695a32d34600e79135e0f3f00191feefd57c5fe2fdc2f0cc585cd1173a16be7

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2rV:GemTLkNdfE0pZaQh

Score
10/10
kpotxmrigminerpersistenceprivilege_escalationstealertrojan

Malware Config

Targets

    • Target

      59c8b8b9fffd175f4840464aeee1f8e192adb04ff9a50456b407b441dd16347f_NeikiAnalytics.exe

    • Size

      2.1MB

    • MD5

      8ad9b532e9950e985a8ade967ea18fa0

    • SHA1

      8db1987373df5ab49e1e5b5079e6d8b48e78c23a

    • SHA256

      59c8b8b9fffd175f4840464aeee1f8e192adb04ff9a50456b407b441dd16347f

    • SHA512

      5631d0665d7e25142c027e5209e34f07283f3ef4d272e488096b52870cdc1774c695a32d34600e79135e0f3f00191feefd57c5fe2fdc2f0cc585cd1173a16be7

    • SSDEEP

      49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2rV:GemTLkNdfE0pZaQh

    Score
    10/10
    kpotxmrigminerstealertrojanpersistenceprivilege_escalation

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks