Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
30-06-2024 23:17
Static task
static1
Behavioral task
behavioral1
Sample
224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe
Resource
win10v2004-20240508-en
General
-
Target
224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe
-
Size
19KB
-
MD5
c28185dd8c25a1b0d505ab9ed629ea40
-
SHA1
7db37445694a8944b585458afe72d734167f48aa
-
SHA256
224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200
-
SHA512
d8652f48ff2976a26dfb0eaf2ea69d1c5ffda440b7a4414c4acc0b4d26ab4a4db777f27458a09d7f9cda6d531e6c5d6d7738995ae11a84f713dd4b714acfd904
-
SSDEEP
192:aV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2hciWF8qa1Dojjgi:0qaCF31cix+Dc4zjTFF46gi
Malware Config
Extracted
cobaltstrike
http://47.113.227.139:80/MKrS
-
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.