Analysis
-
max time kernel
148s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system -
submitted
28-06-2024 05:29
Static task
static1
Behavioral task
behavioral1
Sample
87a263d8123d57ea1ce26f4d3ce7168d03ad791f036920fa4fafdae09735817a_NeikiAnalytics.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
87a263d8123d57ea1ce26f4d3ce7168d03ad791f036920fa4fafdae09735817a_NeikiAnalytics.exe
Resource
win10v2004-20240611-en
General
-
Target
87a263d8123d57ea1ce26f4d3ce7168d03ad791f036920fa4fafdae09735817a_NeikiAnalytics.exe
-
Size
1.3MB
-
MD5
7694e32187281a46404e676e683732b0
-
SHA1
19bd2f0551569bcce155a55dbdfcbf6a0f5c16e0
-
SHA256
87a263d8123d57ea1ce26f4d3ce7168d03ad791f036920fa4fafdae09735817a
-
SHA512
7ca14cfa028429ee50dcc6774e066defe3b43592e992e96a94cf93e240fd191eef4ba5966e2bc14f6ee46b544176c06058e93002e1fd92fdfb38cc7852876a0c
-
SSDEEP
24576:bpbC9FlM1ktN9XLLbLA36t3ZgjyVOSAD1:b5C9FLtTQ3qZgjTSAD1
Malware Config
Extracted
cobaltstrike
http://101.201.118.20:5557/TDQt
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MAAU; NP08)
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.