General

  • Target

    20fead5ff3e066fb4cf2a6835f6ec2aaa12f04a0ffb9485a101f7afcacef36c6_NeikiAnalytics

  • Size

    35KB

  • Sample

    240521-j9tyeaed8w

  • MD5

    6862e895fe9ff3005e8db04c566ac230

  • SHA1

    efda4e7109438f149fc914e18d632917937dcb1c

  • SHA256

    20fead5ff3e066fb4cf2a6835f6ec2aaa12f04a0ffb9485a101f7afcacef36c6

  • SHA512

    d883a78b74caef858685c49a4c4c2ad979f57710b8ed7ead505e2057f85f88e7926eadf729a9b684ade7c46a095403e240bdbafd5af6445123f885fa27884523

  • SSDEEP

    768:M6vjVmakOElpmAsUA7DJHrhto2OsgwAPTUrpiEe7HpB:L8Z0kA7FHlO2OwOTUtKjpB

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      20fead5ff3e066fb4cf2a6835f6ec2aaa12f04a0ffb9485a101f7afcacef36c6_NeikiAnalytics

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
