General

  • Target

    5a2eebc920da9dc455dd24ebf6904fc3d3d2e07ef5bcb0665d6368f0688fa9c7_NeikiAnalytics

  • Size

    96KB

  • Sample

    240521-q8cfasgd4z

  • MD5

    b85a33c1e7d63893459313da98007270

  • SHA1

    fe7bf89eb816827a953d3731e9c6ed9294aefe75

  • SHA256

    5a2eebc920da9dc455dd24ebf6904fc3d3d2e07ef5bcb0665d6368f0688fa9c7

  • SHA512

    948a8b0ee5e0a7e73713749c35c60449ec5bc3679e5570571e9f02bbabeda1a96644494c1e2bb11a0594f7e4014d146dab212475af5d6bbf1d47a41ece9660c8

  • SSDEEP

    1536:inAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:iGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      5a2eebc920da9dc455dd24ebf6904fc3d3d2e07ef5bcb0665d6368f0688fa9c7_NeikiAnalytics

    • Size

      96KB

    • MD5

      b85a33c1e7d63893459313da98007270

    • SHA1

      fe7bf89eb816827a953d3731e9c6ed9294aefe75

    • SHA256

      5a2eebc920da9dc455dd24ebf6904fc3d3d2e07ef5bcb0665d6368f0688fa9c7

    • SHA512

      948a8b0ee5e0a7e73713749c35c60449ec5bc3679e5570571e9f02bbabeda1a96644494c1e2bb11a0594f7e4014d146dab212475af5d6bbf1d47a41ece9660c8

    • SSDEEP

      1536:inAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:iGs8cd8eXlYairZYqMddH13L

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks