General

  • Target

    55f17fa06a881352a0c80a6c604c8900_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-c1h18aeb68

  • MD5

    55f17fa06a881352a0c80a6c604c8900

  • SHA1

    de0d545426f3b3a8140836095eef530cce43ed3f

  • SHA256

    bf744d561f01a9aa7ea4005b68e2713f94f876953e07160ba1cef3f35716c2e6

  • SHA512

    28664e9baf0ef1318bdb127a06c8256ad6184d46dcc9d6b6d3e05ded2d380e000572d1eaf4083ba90b5fc57421fcaddf3c94e9fef81ed2e3f1dc19db1b125a2b

  • SSDEEP

    1536:/nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:/Gs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      55f17fa06a881352a0c80a6c604c8900_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
