General

  • Target

    d06e3d837959ea9dd907629127f78240_NeikiAnalytics

  • Size

    72KB

  • Sample

    240515-nxcwksga89

  • MD5

    d06e3d837959ea9dd907629127f78240

  • SHA1

    0fa0f445ead638c8c2315e785020e41f23b03600

  • SHA256

    c99bf2c496ce1bdac2d72d07fb27df13a3c8ea0532d553a4a8407d4b9344a30d

  • SHA512

    abb883615baa88139c4ad7a15ceb923e91ddcee4cebfc8549e782058b6a3214ed0bdadd74296f7ae628b46bd2cddae424ac3848293822aa99774e6223c78398c

  • SSDEEP

    1536:IlZIcCDn2qSKgKKwv1ctKsaGeY0dMb+KR0Nc8QsJq39:QavDnNSK/X1ctVeXe0Nc8QsC9

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    192.168.1.9:4444

Targets

    • Target

      d06e3d837959ea9dd907629127f78240_NeikiAnalytics

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
