General

  • Target

    0016e63eb26eddb7482a33cf0b663c66ed6844f88d5d6d4d368d5aa32d28703c_NeikiAnalytics.exe

  • Size

    72KB

  • Sample

    240622-p7adwashnm

  • MD5

    13ed689b8e169225bba33ca36cd95960

  • SHA1

    0835e7604f764256b91dd1b136a622d5faad7c31

  • SHA256

    0016e63eb26eddb7482a33cf0b663c66ed6844f88d5d6d4d368d5aa32d28703c

  • SHA512

    6b354ea0d654752d40b8f9771c8f93d04bf90b9a199b4a050c10a5a8c69696d356c79af6fa984c6c6582cc15cb77e8b9457345035fd2a97fe2389303e64f11d4

  • SSDEEP

    1536:IPAdFpduQi137qLy41IQFB5dGyeBgYOQOMb+KR0Nc8QsJq39:JduQi57q84Xd7agYO3e0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.29.137:5900

Targets

    • Target

      0016e63eb26eddb7482a33cf0b663c66ed6844f88d5d6d4d368d5aa32d28703c_NeikiAnalytics.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
