General

  • Target

    26a446cc4c358681591dde2b1c29f1ef117feef0699314eac0d0aa967f17c3b6_NeikiAnalytics.exe

  • Size

    9KB

  • Sample

    240701-an98tszgla

  • MD5

    bde29b66c2d5494b9351392b83eeafe0

  • SHA1

    b45c7951edc80ea567271858617bf6a23823b1e4

  • SHA256

    26a446cc4c358681591dde2b1c29f1ef117feef0699314eac0d0aa967f17c3b6

  • SHA512

    155a23ba383dff701ff4bad5e4fea411712fdebb875f91c8df3fe59f8197089321a3ea8bc959dd08df688370ec2a18f16ea949d0faeadfb92cd5f50ec61c67e5

  • SSDEEP

    192:/yG1mPr3RZPwH1wEp4cqcZVdjesx8j9q:qGsr3RZSZZVBK9

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_http

  • C2

    http://192.168.45.189:443/Te2EzjzpeIZ12HTZE6DIuQuTmz-UpAMw8VVXVt8040DB4D45R9mHGqmDsxRwfGo74_6RwFWWsqs5ejI60lFSJwOUxr_zFGvkT1Oq2r42jbCup84OjMXPrOOsJazLa7WXehmZPyHNqpDOWlZrW_SiS8y3zJixkmLnHco5oMnTIpgCS7QoPA7MnrXlU-OkuBDLJNgTzNflBWPwMl2TshjO0

Targets

    • Target

      26a446cc4c358681591dde2b1c29f1ef117feef0699314eac0d0aa967f17c3b6_NeikiAnalytics.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
