General

  • Target

    bc1b516d2190fc2bd554747ec65272d0_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240519-pknmzsha27

  • MD5

    bc1b516d2190fc2bd554747ec65272d0

  • SHA1

    e8e757217b427dcb2a73afc7ee695e7edbd4e45a

  • SHA256

    5e408929a4e8eb36edc08702ddde69d6203ab20ea2a9464dea477a5d59bf0c60

  • SHA512

    f12852e2a66371620dfd42fe60cbcc6fc987b9d64ca9fbd111e02d4035e06d27c15c696f70bf5a0818917c2953e4d219f53b06b9f42db956e0753161213d2bc4

  • SSDEEP

    1536:rnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:rGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      bc1b516d2190fc2bd554747ec65272d0_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
