Overview

overview

10

Static

static

10

61c7eba64b...cs.exe

windows7-x64

10

61c7eba64b...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    61c7eba64bce41164233c5117ad86e15466275ac9f17c3a7a1bc948b6e283815_NeikiAnalytics.exe

  • Size

    2.1MB

  • Sample

    240626-hl48sstenm

  • MD5

    a8355561acb760878c985e1ef26121f0

  • SHA1

    a337e82730e45a8fedb165866c1cfc1c33df3d77

  • SHA256

    61c7eba64bce41164233c5117ad86e15466275ac9f17c3a7a1bc948b6e283815

  • SHA512

    f20a6ce722d699e62fd030f3d27f62a9d0239ba368247990857af2dd797f8e45759c468a647577be9d191bd22edf4847ed90768511e0f86cceb88d1146a21da9

  • SSDEEP

    49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2iVB:GemTLkNdfE0pZaQG

Score
10/10
kpotxmrigminerstealertrojan

Malware Config

Targets

    • Target

      61c7eba64bce41164233c5117ad86e15466275ac9f17c3a7a1bc948b6e283815_NeikiAnalytics.exe

    • Size

      2.1MB

    • MD5

      a8355561acb760878c985e1ef26121f0

    • SHA1

      a337e82730e45a8fedb165866c1cfc1c33df3d77

    • SHA256

      61c7eba64bce41164233c5117ad86e15466275ac9f17c3a7a1bc948b6e283815

    • SHA512

      f20a6ce722d699e62fd030f3d27f62a9d0239ba368247990857af2dd797f8e45759c468a647577be9d191bd22edf4847ed90768511e0f86cceb88d1146a21da9

    • SSDEEP

      49152:GezaTF8FcNkNdfE0pZ9oztFwIi5aIwC+Agr6S/FYqOc2iVB:GemTLkNdfE0pZaQG

    Score
    10/10
    kpotxmrigminerstealertrojan

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

      trojanstealerkpot

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • XMRig Miner payload

      miner

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks