General

  • Target

    2a621fa6ba8773b3bb819de2e1133fc0_NeikiAnalytics

  • Size

    96KB

  • Sample

    240510-3c4k5afg3w

  • MD5

    2a621fa6ba8773b3bb819de2e1133fc0

  • SHA1

    11e6f733676b773609dbafefb8bbefcf0c453b47

  • SHA256

    b898be6a3f8e1566ddf8b5fc9c35dbf0b8898dd1d8e53ae0db40157047fe3f35

  • SHA512

    0bd739f1b35fdbcff36295ec23c37cfefea621106e0c99303ea90f7b3bbbccc0c870db6cbf46e906799f02fdbeeda99491a398f0c4661d5b40fbd409010391de

  • SSDEEP

    1536:fnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:fGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      2a621fa6ba8773b3bb819de2e1133fc0_NeikiAnalytics

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
