metasploit | 31e8993c246d7b44b7a024c49a7beaac8d21b5952026c3285728a62f5127aff6

Analysis

max time kernel
157s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10-05-2024 20:33

Target

70606ede686fe6e5798d0f53d143ed30_NeikiAnalytics.exe
Size

72KB
MD5

70606ede686fe6e5798d0f53d143ed30
SHA1

8b57732502a362b63e8f7ff1ab9d3caa3bf9d936
SHA256

31e8993c246d7b44b7a024c49a7beaac8d21b5952026c3285728a62f5127aff6
SHA512

1064b70e60851393bcef7fc018358947deb5aa7b87203b6938272975c0f4d3f9a24ed9acceb0f88a187c8aca5125d21d3bb8a9f5b2e9c383e1a88bb65bfbdc1f
SSDEEP

1536:IpLvNXTlQ33iZAef3O9slnx5GCmMb+KR0Nc8QsJq39:svNJCUAePQshxpme0Nc8QsC9

Score

10^/10

Family

metasploit

Version

windows/reverse_tcp

192.168.192.129:4444

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\70606ede686fe6e5798d0f53d143ed30_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\70606ede686fe6e5798d0f53d143ed30_NeikiAnalytics.exe"
1⤵
PID:5040

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4172 --field-trial-handle=2284,i,15722001240173834669,15048020084704567542,262144 --variations-seed-version /prefetch:8
1⤵
PID:3516

memory/5040-0-0x0000000000870000-0x0000000000871000-memory.dmp

Filesize
4KB

Download