General

  • Target

    30286b1820c40d5a52ce71b5c58e23a49a7ff875d5061df8542bc533d284dacd_NeikiAnalytics.exe

  • Size

    72KB

  • Sample

    240624-csbl6sycnl

  • MD5

    bf0fb9df42873063c0f0aac55aafb580

  • SHA1

    9b6832ee2f6a104ba004f0dd7149fc52ada63f8d

  • SHA256

    30286b1820c40d5a52ce71b5c58e23a49a7ff875d5061df8542bc533d284dacd

  • SHA512

    d5f4cc676ea02d605d30447e64e5b622284b7a3cfd617d7deeb6b8b410a9a0bba5eedb5861d70c671409e2b4c0d7149a593b1b0fd1f416312c8cd2ff75bed7d5

  • SSDEEP

    1536:IAR5It2VwOKUiwiSEW7N9mokMb+KR0Nc8QsJq39:xTVwR69N8e0Nc8QsC9

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_http

  • C2

    http://192.168.56.102:4444/_PcOCaohCcNtH2weCD-sTgEWJFZ-lePdyS2pne4hOwsA6U84VaYoPCrEgwA8dstVM9CzIBOyXdfY_yTAO35q_rjawDNE8eXeTKUDUzmmQUNWHPuqHFfSm2wOTJoq0gCD87gilxa5ppAp84Kcq6rcvLEcs

Targets

    • Target

      30286b1820c40d5a52ce71b5c58e23a49a7ff875d5061df8542bc533d284dacd_NeikiAnalytics.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
