Analysis
-
max time kernel
147s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
-
submitted
10-05-2024 13:55
General
-
Target
ed2bb38cb90823c15c9c4de3518be430_NeikiAnalytics.exe
-
Size
72KB
-
MD5
ed2bb38cb90823c15c9c4de3518be430
-
SHA1
222afd416b5aa521c5d91a3e0bdb5473eaa5d41b
-
SHA256
b5beae920a91c872ad4b075ef7d3d247bf280da12f946a79f1a5f59a348f103a
-
SHA512
87ec1db85104e3c789b52d5582fea2a11c45e9a9c671d6c5a6119021203a9b8960fea0e8731eda797fa9907b0a0b3ff78cc3572ff1091c44d88200389ac99878
-
SSDEEP
1536:IFTOl4LXG1oelgOnOzFlKSSFPJ6qGirglQj9ayEbbQbwBgWHBrLN0Mb+KR0Nc8Qb:UTOlLnlgOn+WFPJgirw9EQhHJae0Nc84
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.58.128:4444
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Processes
-
C:\Users\Admin\AppData\Local\Temp\ed2bb38cb90823c15c9c4de3518be430_NeikiAnalytics.exe"C:\Users\Admin\AppData\Local\Temp\ed2bb38cb90823c15c9c4de3518be430_NeikiAnalytics.exe"1⤵
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4404,i,16710585221322798697,8586257254049248207,262144 --variations-seed-version --mojo-platform-channel-handle=4604 /prefetch:81⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB