General
-
Target
892e69625df8dab9c03919b4b8a6649da4bc362592bd0b72b7ff74c302d192f1_NeikiAnalytics.exe
-
Size
1.9MB
-
Sample
240628-gy2g1axfmn
-
MD5
1df801881d7a922d3ba134b5dad79bc0
-
SHA1
11f5bbe59d64559906c2a04c68c03a8c461a7c26
-
SHA256
892e69625df8dab9c03919b4b8a6649da4bc362592bd0b72b7ff74c302d192f1
-
SHA512
0f241f55afc4968917a932039142cc95c7eaf4d560b766a14a924c419a662f0f459de6290cc0acee51a404c43567cf86c6da34ce07d24505080f79eb5f9cecfa
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PmK/lzapbU4w2DyA7lO1eANsT4Z8+8KYECFj1oqZoc19:Lz071uv4BPm6lgVJUwD+83FhZ35wgHTj
Malware Config
Targets
-
-
Target
892e69625df8dab9c03919b4b8a6649da4bc362592bd0b72b7ff74c302d192f1_NeikiAnalytics.exe
-
Size
1.9MB
-
MD5
1df801881d7a922d3ba134b5dad79bc0
-
SHA1
11f5bbe59d64559906c2a04c68c03a8c461a7c26
-
SHA256
892e69625df8dab9c03919b4b8a6649da4bc362592bd0b72b7ff74c302d192f1
-
SHA512
0f241f55afc4968917a932039142cc95c7eaf4d560b766a14a924c419a662f0f459de6290cc0acee51a404c43567cf86c6da34ce07d24505080f79eb5f9cecfa
-
SSDEEP
24576:zv3/fTLF671TilQFG4P5PmK/lzapbU4w2DyA7lO1eANsT4Z8+8KYECFj1oqZoc19:Lz071uv4BPm6lgVJUwD+83FhZ35wgHTj
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Blocklisted process makes network request
-
Command and Scripting Interpreter: PowerShell
Powershell Invoke Web Request.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Legitimate hosting services abused for malware hosting/C2
-