Behavioral task
behavioral1
Sample
9f99e846d09b74fe99df0e1f4b2f9e70_NeikiAnalytics.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9f99e846d09b74fe99df0e1f4b2f9e70_NeikiAnalytics.exe
Resource
win10v2004-20240426-en
General
-
Target
9f99e846d09b74fe99df0e1f4b2f9e70_NeikiAnalytics.exe
-
Size
7KB
-
MD5
9f99e846d09b74fe99df0e1f4b2f9e70
-
SHA1
619fe98e092fb0d58d75171a88a7451d766c8773
-
SHA256
42bbacb8c45d1ea93d4829396c26b951b78f41a4bd808b190bcb0e41cd819096
-
SHA512
e697b5fc7a224becb17b57ae55994444d809bd0b2cb09df82868d24f37d5e483f2b784e0138f35fec991991688a3842e825af785283a96ef850f7b1cbd90816f
-
SSDEEP
24:eFGStrJ9u0/6Z23JnZd0BQAVP1YQKLqyeNDMSeXixpmB:is0B3Z0BQIqQSSD9eS2B
Malware Config
Extracted
metasploit
metasploit_stager
76.76.14.103:8080
Signatures
-
Metasploit family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 9f99e846d09b74fe99df0e1f4b2f9e70_NeikiAnalytics.exe
Files
-
9f99e846d09b74fe99df0e1f4b2f9e70_NeikiAnalytics.exe.exe windows:4 windows x64 arch:x64
b4c6fff030479aa3b12625be67bf4914
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
VirtualAlloc
ExitProcess
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.glpe Size: 1024B - Virtual size: 576B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE