Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240611-en locale:en-us os:windows10-2004-x64 system
  • submitted
    24-06-2024 13:31

General

  • Target

    79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe

  • Size

    577KB

  • MD5

    531daf6994c00e425a4e35c9e0408620

  • SHA1

    5f35b5d31913fff208769687c2cb08d0b6eaf26f

  • SHA256

    79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7

  • SHA512

    ae1217a519153a78de8e1673a7da4a96badf9d5adde3f1e19f5b636ec566dfc62fd6c30dab6ebad68e584174d5dee5cb5895ba0c6bd28dcffa1a409eb9dd5d9e

  • SSDEEP

    12288:VA3rjjCzCctsGvHLVwk3Ta77Hp0fWAUmBkmrNUHvYFLdqoJf:u/CCctT5KHvYFLdqoJf

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.116.211.29:7777/f5vL

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;PTBR)

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe
    "C:\Users\Admin\AppData\Local\Temp\79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe"
      PID:5068

    Downloads

    • memory/5068-0-0x000001BD6C300000-0x000001BD6C301000-memory.dmp

      Filesize

      4KB

    • memory/5068-1-0x00007FF683C90000-0x00007FF683D1A000-memory.dmp

      Filesize

      552KB

    • memory/5068-13-0x00007FF683C90000-0x00007FF683D1A000-memory.dmp

      Filesize

      552KB