General

  • Target

    533c252ca1525075953237d5aacce38836f7dfb971819e683699fab637986424_NeikiAnalytics

  • Size

    134KB

  • Sample

    240521-qhc9xafc3x

  • MD5

    7bf80e6f27ff9f86128bc19f41c6cbe0

  • SHA1

    58be09d873140ba54bffff1065453bc04ed30749

  • SHA256

    533c252ca1525075953237d5aacce38836f7dfb971819e683699fab637986424

  • SHA512

    77c19e21336072386e232ae5bd5ad74ff8e83b4bf81423dfb68fa2f9ccf727909fa9b4cc8bb4a0ebe17d704509ce9d2f7410ee61ecf3e0a7240be7e333f009f2

  • SSDEEP

    1536:rBDfDbhERTatPLTH0NqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCQ:rhiRTeH0NqAW6J6f1tqF6dngNmaZC7M

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
