Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows7_x64 -
resource
win7-20240611-en -
resource tags
-
submitted
30-06-2024 23:17
General
-
Target
224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe
-
Size
19KB
-
MD5
c28185dd8c25a1b0d505ab9ed629ea40
-
SHA1
7db37445694a8944b585458afe72d734167f48aa
-
SHA256
224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200
-
SHA512
d8652f48ff2976a26dfb0eaf2ea69d1c5ffda440b7a4414c4acc0b4d26ab4a4db777f27458a09d7f9cda6d531e6c5d6d7738995ae11a84f713dd4b714acfd904
-
SSDEEP
192:aV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2hciWF8qa1Dojjgi:0qaCF31cix+Dc4zjTFF46gi
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://47.113.227.139:80/MKrS
Attributes
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
Processes
-
C:\Users\Admin\AppData\Local\Temp\224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2016-0-0x0000000000020000-0x0000000000021000-memory.dmpFilesize
4KB
-
memory/2016-1-0x0000000000400000-0x000000000040C000-memory.dmpFilesize
48KB