General

  • Target

    28b978601ab736e4a017e39dc265d12d4cf2d25549e7539c9a50bed7e1fb2ce5_NeikiAnalytics

  • Size

    96KB

  • Sample

    240521-k341gafg8t

  • MD5

    7d7d38d81a8a9e8a2c8650d1381a2500

  • SHA1

    8358bf783d8c2721b370a4f6e9605690b010dd07

  • SHA256

    28b978601ab736e4a017e39dc265d12d4cf2d25549e7539c9a50bed7e1fb2ce5

  • SHA512

    9d6dbbe62f3fe1b29deafe322784dc67aaaa335e98baf8b221babbc33a80f531016123dc0f74149302a7e098c32083a2f42c2f3140ef98da5aee0e8bfa2c1d97

  • SSDEEP

    1536:dnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:dGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      28b978601ab736e4a017e39dc265d12d4cf2d25549e7539c9a50bed7e1fb2ce5_NeikiAnalytics

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
