General

  • Target

    3d9f71bfaf54d77df3c14a3232950a3c0ab151218f8e25e948603531802812e3_NeikiAnalytics.exe

  • Size

    281KB

  • Sample

    240624-e46yka1apk

  • MD5

    cebf3d7a0534a11da09ad1303c9d2580

  • SHA1

    3f8a8559dd3a5459c73fed6e25dcb5482b00460a

  • SHA256

    3d9f71bfaf54d77df3c14a3232950a3c0ab151218f8e25e948603531802812e3

  • SHA512

    3301b7efd8449a528f75f8f8b7b07160676b74618e4db38ee165d33a279a49f5a2521bdf34ae8fb957aaecf924b7f5da8ec688bc2d054d70f68ee0a4e84fd954

  • SSDEEP

    6144:kCn9sh7JZWvVIdtqIEj8ur8nC2yw9qZ37TNyI2Ns4:s7rQImDjOnCLTZ3NyI

Malware Config

Extracted

Family

cobaltstrike

Botnet

100000000

Attributes
  • beacon_type

    1024

  • host

    10.58.26.227

  • http_header1


  • http_header2


  • polling_time

    10000

  • port_number

    9888

  • sc_process32

    %windir%\syswow64\notepad.exe

  • sc_process64

    %windir%\sysnative\notepad.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCNruhrtaw5T2BCofyFWv5amrYBOYuJ4Csi5m1QGtG5kFtDzH+qEXDLadbJ06F1EXPnxHWuDGU7T/m9ExZdrCmqO16hxwSaQd5RsmHgxj1QxZ4HWSD8IBNt1gFQdqS77Wy9VuU59ZyrooOh0FWVCXTt/WPq0SZ2uPk2gL+EuTYnhQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2


  • watermark

    100000000
