General

  • Target

    0910a7d16283777f5534b08cff6087553170a9eed413621247324e07eabc7a5f_NeikiAnalytics.exe

  • Size

    1.9MB

  • Sample

    240629-2rnmsaycnb

  • MD5

    4edecb47ceef356ccab1f0e5994f95c0

  • SHA1

    471dd5c1384deba055db2ac2b342a75fe7da6b76

  • SHA256

    0910a7d16283777f5534b08cff6087553170a9eed413621247324e07eabc7a5f

  • SHA512

    3f220508d5c1097b7c3d0a7d8ca6ae1f34416821c16d879826757c6b97169e0e151f97ee81164bdeabae98d1f4de92568753ee3081ebe34dda16479adda367bd

  • SSDEEP

    49152:oezaTF8FcNkNdfE0pZ9ozt4wIC5aIwC+Agr6SNa17:oemTLkNdfE0pZrwF

Targets

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
