General

  • Target

    405e5f5523dd778ff6bdf8fb0ea033f0_NeikiAnalytics.exe

  • Size

    6.3MB

  • Sample

    240529-fejmeabg94

  • MD5

    405e5f5523dd778ff6bdf8fb0ea033f0

  • SHA1

    c5d017053aaa6575082e6bf0cbd75d87f75fce15

  • SHA256

    d7dd5cb4484c40c7b8a1079b42f618dcbac5465a655b26ba7dcc69ce965bb0c8

  • SHA512

    bf71eea8d25222f817556859939b74fe45e87e12b243060b13097348cd6bb0e878f5cbf97fd75f7194e7c3c55f6a317616f2b74ba5aaf97c2b92af8c9ae56f0c

  • SSDEEP

    98304:ThuXiY9eGNMpMrtP75YlUjn1cK7ggczAAMyQ9TZNbP3ad4zeSpXqEWm8UGf8I1K:ThuyceEMmV79n1cMczJQVb/a3SEwBh

Malware Config

Extracted

  • Family

    metasploit

  • Version

    metasploit_stager

  • C2

    134.35.44.230:6066

Targets

    • Target

      405e5f5523dd778ff6bdf8fb0ea033f0_NeikiAnalytics.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
