General

  • Target

    1223f3fc984b9608c6893175381e40e0_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240522-afsntaee5t

  • MD5

    1223f3fc984b9608c6893175381e40e0

  • SHA1

    bb7fa957fe8cea49e891d39bc5deae34a4b78c9f

  • SHA256

    80bb9eba7fc0082b35bb6bad4f1619ea7e8bb8fdeb14657d591eb8d1646f13b4

  • SHA512

    d32ee5b2dc686fc2e457ba7f6c322229aa69915409f728c841d99923d75469cd722e3e8d364ce15a6643dd429aac14ec07ac98df96d957b49f2ef0eb1fbddf1e

  • SSDEEP

    1536:dnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:dGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      1223f3fc984b9608c6893175381e40e0_NeikiAnalytics.exe

    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
