General

  • Target

    17fa38b96fa6a221b3f2bdcf911db7ac_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-lww7qach33

  • MD5

    17fa38b96fa6a221b3f2bdcf911db7ac

  • SHA1

    14cd0782c88d4ca95b4c13f333b401f9d4dcf5b3

  • SHA256

    2f664cdfb0888fa92847c6f645f3effc7aefe82ad126c0c23a4afc07aa9f8ca0

  • SHA512

    34b4d31fe1c7cdd6be7b5ed0523bc2756219bba8eae291148935f5b5fd66a42e7601b55ff1c64138afb2e6ce9a61f74d3198b7fc60cf3836b4a898ab5cb0b277

  • SSDEEP

    1536:AnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:AGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      17fa38b96fa6a221b3f2bdcf911db7ac_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
