General

  • Target

    ee8aacd928a8c9d61c93cd0a77ed1950_NeikiAnalytics.exe

  • Size

    72KB

  • Sample

    240517-s8w6taeg6z

  • MD5

    ee8aacd928a8c9d61c93cd0a77ed1950

  • SHA1

    31fd98389f0cfbd31b3812c031917d5127d41482

  • SHA256

    1e05a091309f09ad18b78edecc683854c16250cc53552adfeebd88cb6fa4beec

  • SHA512

    1d01bd9aac60e041521f0f9bb614f98ede373d33e8e696fd5d9a0f15a713e95d5e4b56992eeb42835f9e34047cc0dbf02d3caba4167e0980209fcf710847df3b

  • SSDEEP

    1536:Ie3nqrEgordCDvFJzCAfstktWMb+KR0Nc8QsJq39:jgtordCTLffAe0Nc8QsC9

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp_dns

  • C2

    kalfa1.duckdns.org:4445

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
