General

  • Target

    622b5463286e6c03bce72835002b0120_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-dxbneagb23

  • MD5

    622b5463286e6c03bce72835002b0120

  • SHA1

    af803153fea19f43991c63caa9dfee6becec0d36

  • SHA256

    8b833c0a222bb56ce94b6ad8351f01f7060d8fa1630983878a2c348540bc8e46

  • SHA512

    97491df31d5c5a5e60a7badc23acc5ffd68c867154642ecbb28a478a0e9cc9018ed36858cb674dc9a5c0266054ad379d5256e7c87f09b96e30ee953155299233

  • SSDEEP

    1536:PnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:PGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      622b5463286e6c03bce72835002b0120_NeikiAnalytics.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
