General

  • Target

    7de7170740ccf25573e41111548288e0_NeikiAnalytics.exe

  • Size

    134KB

  • Sample

    240519-ft6qgsbg91

  • MD5

    7de7170740ccf25573e41111548288e0

  • SHA1

    4b55ee117da5a42c3daa8bd55dab20d9e819a7de

  • SHA256

    7014ad0cd2419b953384f15b886e179e213e2dc400dbcb95e8fc9963e650cbf2

  • SHA512

    a993848ad0d44f4a7a0fa280055a04623b486435f1f07b8a1b749c5890ca770bf03e0a82dcfa7cf8524706f1a32c3d99ea15c99cb7b8ab550747e82e4c867dc0

  • SSDEEP

    1536:ADfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:2iRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      7de7170740ccf25573e41111548288e0_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
