General

  • Target

    abd6f189e5f0d6b035e0987d4c47fe30_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-kafr6sad94

  • MD5

    abd6f189e5f0d6b035e0987d4c47fe30

  • SHA1

    974b6e7a001802f3e500ef671e5767c0e24b9c78

  • SHA256

    64795cb9050fc577df33e363c7cc38ad3deff3d22b1fe38e3da665607a5aa99f

  • SHA512

    bc69244560282c3fa148e868263b06ddc6eedf63bccb3c99b3deb44c0a9ca45ca6ffd1bc99299083b39cae8a5b282392ab15bc924915c71f41febd7191e64cd9

  • SSDEEP

    1536:1nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:1Gs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      abd6f189e5f0d6b035e0987d4c47fe30_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
