Analysis
max time kernel: 148s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20240611-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25-06-2024 23:43
Static task: static1
Behavioral task: behavioral1
Sample: 257e6f278410bb90796e13fff5ffcdf517d70114f6f84f8d5f07c3fb173b159a_NeikiAnalytics.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 257e6f278410bb90796e13fff5ffcdf517d70114f6f84f8d5f07c3fb173b159a_NeikiAnalytics.exe
Resource: win10v2004-20240611-en
General
Target: 257e6f278410bb90796e13fff5ffcdf517d70114f6f84f8d5f07c3fb173b159a_NeikiAnalytics.exe
Size: 17KB
MD5: 00756c5204a8ca3508da59e7b6d450c0
SHA1: 140ded063ac4ee2443f12097dc57b8b049b87695
SHA256: 257e6f278410bb90796e13fff5ffcdf517d70114f6f84f8d5f07c3fb173b159a
SHA512: 3b7ea9ff2a34ebc81e2d8aade6650d3056698965a6e90c93a62d67a4e76924701f9a4a1c2b1cafcf59ed2fc38abe4c93df56ebb42706c285abdcb2d3d33c2c71
SSDEEP: 192:4DMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4EJ/CWcpBUbOj6kxiY:4DMAoKz6WtKEj7aBDizJaWwbAY
Malware Config
Extracted
cobaltstrike
http://192.168.136.129:8080/QLWi
user_agent: User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; Trident/4.0; .NET CLR 2.0.50727)
Signatures
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.