General

  • Target

    80659d1c1478d64d4936500b6bbef0f0_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-f18tescb9x

  • MD5

    80659d1c1478d64d4936500b6bbef0f0

  • SHA1

    a702007b419cce71a5d7cccaf2d3d4d5d4760da5

  • SHA256

    cdbda7ae68a56a8afb9f29e1437b016e779912b8f17454dbe1c9f32011177958

  • SHA512

    583e46b5b0d0b4661cd64e79d6e5c66393b97f3de3d2ae92efe531be44529c8cd9b72972defcdba66ee13d4c97d29f2cefdca7d8528b5aad6575625cc5fefab6

  • SSDEEP

    1536:lnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:lGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      80659d1c1478d64d4936500b6bbef0f0_NeikiAnalytics.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
