General

  • Target

    ebb2cf253e3847bec6cc083d983e0cd0_NeikiAnalytics.exe

  • Size

    35KB

  • Sample

    240520-msfagagf5y

  • MD5

    ebb2cf253e3847bec6cc083d983e0cd0

  • SHA1

    54478375803567ea529a7dbe8c6a3c2389b96852

  • SHA256

    9b228f5f4ee4fd9ef17917cb3077f2000627dfe702c2bc0807fb70598475ed1d

  • SHA512

    2e60c1d36fa363fbc4ca4f5c4c6257849cb9decff145f8e0e2b5613420bcd975c599d3e21f8403cc710d3a89e6ead61b0d6c6c484289fa7161b2d5603e0ce93c

  • SSDEEP

    768:i6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:R8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      ebb2cf253e3847bec6cc083d983e0cd0_NeikiAnalytics.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
