Overview

overview

10

Static

static

10

2a60310d40...cs.exe

windows7-x64

10

2a60310d40...cs.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    151s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 12:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2a60310d40cf882f78b353769b44db70_NeikiAnalytics.exe

  • Size

    7KB

  • MD5

    2a60310d40cf882f78b353769b44db70

  • SHA1

    6b591a28fbf75d7025bfd80cfe965631edc21bbc

  • SHA256

    0f881ab37317eaa70daac29255c38a6bc3d0257f01819ae74c0497a501eee262

  • SHA512

    76068b0236841d244cc902fe238b8d8d5e96690df09066d4e1d1f8fa0ffb83cdc88f5fdf1ccf97bf00cfde42e7053720ae34087ecd0ac0017c52926611b9be20

  • SSDEEP

    24:eFGStrJ9u0/6Io3nZdkBQAVb6WcLwKZqDeNDMSCvOXpmB:is03oTkBQa2LwVSD9C2kB

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.243.128:9999

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\2a60310d40cf882f78b353769b44db70_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\2a60310d40cf882f78b353769b44db70_NeikiAnalytics.exe"
    1⤵
      PID:2956

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2956-0-0x0000000140000000-0x0000000140004278-memory.dmp

      Filesize

      16KB

      Download