Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
24-06-2024 13:31
Static task
static1
Behavioral task
behavioral1
Sample
79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe
-
Size
577KB
-
MD5
531daf6994c00e425a4e35c9e0408620
-
SHA1
5f35b5d31913fff208769687c2cb08d0b6eaf26f
-
SHA256
79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7
-
SHA512
ae1217a519153a78de8e1673a7da4a96badf9d5adde3f1e19f5b636ec566dfc62fd6c30dab6ebad68e584174d5dee5cb5895ba0c6bd28dcffa1a409eb9dd5d9e
-
SSDEEP
12288:VA3rjjCzCctsGvHLVwk3Ta77Hp0fWAUmBkmrNUHvYFLdqoJf:u/CCctT5KHvYFLdqoJf
Malware Config
Extracted
cobaltstrike
http://47.116.211.29:7777/f5vL
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;PTBR)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.