metasploit | 71b0bb4f36d8e44c4c800992bc81e2dfb0ec23ed1c4fa5fa00bea7460f0426f6

Analysis

max time kernel
149s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
17-05-2024 23:39

Target

53fdffe944c773de633bbe65e0f856f0_NeikiAnalytics.exe
Size

72KB
MD5

53fdffe944c773de633bbe65e0f856f0
SHA1

8e13760b22223ed3c001b54e47898b47b756c0c6
SHA256

71b0bb4f36d8e44c4c800992bc81e2dfb0ec23ed1c4fa5fa00bea7460f0426f6
SHA512

075f027d68ea70d4572ca455bbd5e30645d2c70d8c7f56fa0153152b68c17d2f39a9e7b7553c47e3670250a74a3a51d09483c4ec36ffdcd96049fdd4c31ff541
SSDEEP

1536:IDqK/cgKcf+mOpKsBnZQMUCdBjGouIjYD+b4gMb+KR0Nc8QsJq39:MqK0NcGm45BnU2Bjxige0Nc8QsC9

Score

10^/10

Family

metasploit

Version

windows/reverse_tcp

63.193.40.150:56403

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\53fdffe944c773de633bbe65e0f856f0_NeikiAnalytics.exe
"C:\Users\Admin\AppData\Local\Temp\53fdffe944c773de633bbe65e0f856f0_NeikiAnalytics.exe"
1⤵
PID:3364

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3920 --field-trial-handle=2692,i,8678872182442199182,12502579059484928042,262144 --variations-seed-version /prefetch:8
1⤵
PID:2920

memory/3364-0-0x0000000000570000-0x0000000000571000-memory.dmp

Filesize
4KB

Download