Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
28-06-2024 14:08
General
-
Target
9b763446d84ae6f30179d8ceb861157127795372a98040b3510d8377a54186d5_NeikiAnalytics.exe
-
Size
19KB
-
MD5
292ef10e8f7bd484fa0fe57fd5f95660
-
SHA1
3d89c17cf71731ebd2b46469a8ab7fe59b45a96f
-
SHA256
9b763446d84ae6f30179d8ceb861157127795372a98040b3510d8377a54186d5
-
SHA512
e50b8c64df55dbc92d40539706aae149cd97ae7fa750b042373b26899d170cc71b7d450eab207651d82b88ee7e29d2be8d0240795735f7ae870ff91090dce343
-
SSDEEP
192:7V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2kOvA4Q2WF8qa1Dojjgi:VqaCF31cix+Dc4zjwA4QHFF46gi
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://81.71.103.144:17822/q2Wc
Attributes
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
-
C:\Users\Admin\AppData\Local\Temp\9b763446d84ae6f30179d8ceb861157127795372a98040b3510d8377a54186d5_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\9b763446d84ae6f30179d8ceb861157127795372a98040b3510d8377a54186d5_NeikiAnalytics.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2392-0-0x0000000000020000-0x0000000000021000-memory.dmpFilesize
4KB
-
memory/2392-1-0x0000000000400000-0x000000000040C000-memory.dmpFilesize
48KB