General
-
Target
a5766a5e510380e8a7f57caa195c0370_NeikiAnalytics
-
Size
84KB
-
Sample
240513-h784wafb67
-
MD5
a5766a5e510380e8a7f57caa195c0370
-
SHA1
66335aedccef6eac0b41e9665a2f4ec11731ceed
-
SHA256
822459aadd3fe611170cb20f2baab9bbd7257f9e91b2c05991838a2476f7b5a8
-
SHA512
cacb925a3b120cacbebbe76e332b851615e44bc03c22d2930f3a729a36e6e9a6a930be6b52556a5c8772830d3c30700ee0006f82432eaa85ef4dd27dfae6d2d3
-
SSDEEP
768:EOmFWj5C2xhBtAeLoAodBXs2QSBV848F4ALyTNiR4yNA5lViUdyJWAE:3mFWjk2HAMuB82QSAbF4A1elVi8AE
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
a5766a5e510380e8a7f57caa195c0370_NeikiAnalytics
-
Size
84KB
-
MD5
a5766a5e510380e8a7f57caa195c0370
-
SHA1
66335aedccef6eac0b41e9665a2f4ec11731ceed
-
SHA256
822459aadd3fe611170cb20f2baab9bbd7257f9e91b2c05991838a2476f7b5a8
-
SHA512
cacb925a3b120cacbebbe76e332b851615e44bc03c22d2930f3a729a36e6e9a6a930be6b52556a5c8772830d3c30700ee0006f82432eaa85ef4dd27dfae6d2d3
-
SSDEEP
768:EOmFWj5C2xhBtAeLoAodBXs2QSBV848F4ALyTNiR4yNA5lViUdyJWAE:3mFWjk2HAMuB82QSAbF4A1elVi8AE
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies firewall policy service
-
Modifies security service
-
Drops file in Drivers directory
-
Deletes itself
-
Executes dropped EXE
-
Drops file in System32 directory
-