Overview

overview

10

Static

static

3

c307410929...cs.exe

windows7-x64

10

c307410929...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c30741092945f21c04a10f98e9ed1620_NeikiAnalytics.exe

  • Size

    6.0MB

  • Sample

    240517-hc2fjseb68

  • MD5

    c30741092945f21c04a10f98e9ed1620

  • SHA1

    8435f33caa64e6527ea401d48268f45675743871

  • SHA256

    5efea9d9fbd802c625eaa80939fd94c228b973d44d181ea8ab11f3d4ef42e90c

  • SHA512

    5927f8eb04dc0baf5ceaef13594561a051d332a924ab6eeae097bc8b4072fc523fce868e7c47be9a354482e9e4e7c2a6aee523e7576ab631102c3d03cf38cdfc

  • SSDEEP

    98304:lVzPib+sX1ZvbeAyJZ/dJolTlPNs2PKToa1FptF07TcXeZS7uiFpMndH2nkzwTVi:lVzPiCsXDjDyf/dJolpPgToa10/cOMFl

Score
10/10
metasploitbackdoorpyinstallertrojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

106.53.94.240:6000

Targets

    • Target

      c30741092945f21c04a10f98e9ed1620_NeikiAnalytics.exe

    • Size

      6.0MB

    • MD5

      c30741092945f21c04a10f98e9ed1620

    • SHA1

      8435f33caa64e6527ea401d48268f45675743871

    • SHA256

      5efea9d9fbd802c625eaa80939fd94c228b973d44d181ea8ab11f3d4ef42e90c

    • SHA512

      5927f8eb04dc0baf5ceaef13594561a051d332a924ab6eeae097bc8b4072fc523fce868e7c47be9a354482e9e4e7c2a6aee523e7576ab631102c3d03cf38cdfc

    • SSDEEP

      98304:lVzPib+sX1ZvbeAyJZ/dJolTlPNs2PKToa1FptF07TcXeZS7uiFpMndH2nkzwTVi:lVzPiCsXDjDyf/dJolpPgToa10/cOMFl

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks