General

  • Target

    80d79607b621f93a82fb2427a440e9b0_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-f254xscd83

  • MD5

    80d79607b621f93a82fb2427a440e9b0

  • SHA1

    d3b04cd6606ded5d85d81e038644c6469bfdfe52

  • SHA256

    ef07774e117760b22f8ec68dece180c9fa6ea07842fb4b48db1e8fdbaf59295f

  • SHA512

    4014a2f4e5962886dd71866c3090efd22da5f325c577946847883f17ceac55f3b1d260a05f38ebcc999dde3eb92db6bd827363675efb8eb2e4551575aae2cea9

  • SSDEEP

    1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:OGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      80d79607b621f93a82fb2427a440e9b0_NeikiAnalytics.exe

    • Size

      96KB

    • MD5

      80d79607b621f93a82fb2427a440e9b0

    • SHA1

      d3b04cd6606ded5d85d81e038644c6469bfdfe52

    • SHA256

      ef07774e117760b22f8ec68dece180c9fa6ea07842fb4b48db1e8fdbaf59295f

    • SHA512

      4014a2f4e5962886dd71866c3090efd22da5f325c577946847883f17ceac55f3b1d260a05f38ebcc999dde3eb92db6bd827363675efb8eb2e4551575aae2cea9

    • SSDEEP

      1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:OGs8cd8eXlYairZYqMddH13L

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks