General

  • Target

    612e967d69d3dd6782a08bba64a9ce00_NeikiAnalytics.exe

  • Size

    119KB

  • Sample

    240519-dt3bysga27

  • MD5

    612e967d69d3dd6782a08bba64a9ce00

  • SHA1

    5efead176b0daf93d94bc1be5cae0127cd92f409

  • SHA256

    ff5e7b3c0e7e04f4dee8dd82a808ebc84316f6b49fb341a32e54005a6754046a

  • SHA512

    88951a93e97238fed1818be401212de786841611573e74642f6e445a034687fa1607f98a56dbf706895a139dbb5e75ec3b66f824b653a251b3dad94ab6c5ada0

  • SSDEEP

    1536:S5d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZznOeibgX7H:8dseIOMEZEyFjEOFqTiQmxnOeV7H

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      612e967d69d3dd6782a08bba64a9ce00_NeikiAnalytics.exe

    • Size

      119KB

    • MD5

      612e967d69d3dd6782a08bba64a9ce00

    • SHA1

      5efead176b0daf93d94bc1be5cae0127cd92f409

    • SHA256

      ff5e7b3c0e7e04f4dee8dd82a808ebc84316f6b49fb341a32e54005a6754046a

    • SHA512

      88951a93e97238fed1818be401212de786841611573e74642f6e445a034687fa1607f98a56dbf706895a139dbb5e75ec3b66f824b653a251b3dad94ab6c5ada0

    • SSDEEP

      1536:S5d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZznOeibgX7H:8dseIOMEZEyFjEOFqTiQmxnOeV7H

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks