General

  • Target

    95fd284af4caf4e10d3112eee9aac450_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-hkwj9sfb37

  • MD5

    95fd284af4caf4e10d3112eee9aac450

  • SHA1

    3a298e2c405cedb0bfea2ca462bd39b83f49cdd2

  • SHA256

    deb8148bb5e671094821204edbd05f86e154cef3eb3c7a15ab20fbf99bed8381

  • SHA512

    829b968ab9cc759ab74c1e94c68d294812254f72a90d20c449439e341d830041712a8ffec9d963db9405bb5f5a7fd5a0dbcd2db33dd9ca8a9e35373a598c15b8

  • SSDEEP

    1536:7nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:7Gs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      95fd284af4caf4e10d3112eee9aac450_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
