General

  • Target

    50c1cf7fa02b4e77f66b7429c0903760_NeikiAnalytics.exe

  • Size

    35KB

  • Sample

    240519-cm348sdb7z

  • MD5

    50c1cf7fa02b4e77f66b7429c0903760

  • SHA1

    163701de1d4126a0be7b8d5e060d776b26bf558b

  • SHA256

    23a44d02686059089aa88ac4a54595a196ab0c529720302964d3bea7abfc3d57

  • SHA512

    7adebd97ad6b076c1b597f4f68c5138c7cb98f3ed2e44b931f39ff9873e07e81b4c83c49fd3aba576093260dcbce884249b7eda488447c3614b2d9ce4214d000

  • SSDEEP

    768:C6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:x8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      50c1cf7fa02b4e77f66b7429c0903760_NeikiAnalytics.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
