Analysis
max time kernel: 148s
max time network: 150s
platform: windows7_x64
resource: win7-20240611-en
resource tags: arch:x64, arch:x86, image:win7-20240611-en, locale:en-us, os:windows7-x64, system
submitted: 01-07-2024 22:26
Static task: static1
Behavioral task: behavioral1
  Sample: 10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c_NeikiAnalytics.exe
  Resource: win7-20240611-en
Behavioral task: behavioral2
  Sample: 10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c_NeikiAnalytics.exe
  Resource: win10v2004-20240508-en
General
Target: 10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c_NeikiAnalytics.exe
Size: 17KB
MD5: d1d71a548b5208dc95ccd52111536370
SHA1: cbfb95ac2c5a4b77d9762bd62aa181b141043291
SHA256: 10a35a2218d325f621306ae3eacddafb4d7a261006db9ffa63128444e95fb32c
SHA512: a90863627d8f65b851c8fdae74f80c602614b42018d84a559ed7ba6d5d6cb2223d7426d899602d70e820651a4e83e335b9d9ceab018f0f92cc85ef2000eb0896
SSDEEP: 192:dDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4kkJBUbOj6kxiY:dDMAoKz6WtKEj7aBDitkJbAY
Malware Config
Extracted
cobaltstrike
http://192.168.17.131:80/Rj2o
user_agent: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSSEM)
Signatures
Cobaltstrike: Detected malicious payload which is part of Cobaltstrike.