Overview

overview

10

Static

static

3

bb3d5c9853...cs.exe

windows7-x64

10

bb3d5c9853...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bb3d5c985340976b6cdf83616badc8d0_NeikiAnalytics.exe

  • Size

    134KB

  • Sample

    240606-td6mfagb9y

  • MD5

    bb3d5c985340976b6cdf83616badc8d0

  • SHA1

    c3034a1b1848cc08dc56737cf6b8c91942860328

  • SHA256

    542d3a3dac850997a8958b2eed0785c2d68a6ff99357752bf6d69247bb8ee760

  • SHA512

    f89f356c9240e3724b0fa549f52985692d6da3661d7e15e7cab48b502a94c1a0ed04bae6390b99611387ac689094f540a22333627bf1147c8f4fbb60c4ff59a8

  • SSDEEP

    1536:ODfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:wiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10
neconydtrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      bb3d5c985340976b6cdf83616badc8d0_NeikiAnalytics.exe

    • Size

      134KB

    • MD5

      bb3d5c985340976b6cdf83616badc8d0

    • SHA1

      c3034a1b1848cc08dc56737cf6b8c91942860328

    • SHA256

      542d3a3dac850997a8958b2eed0785c2d68a6ff99357752bf6d69247bb8ee760

    • SHA512

      f89f356c9240e3724b0fa549f52985692d6da3661d7e15e7cab48b502a94c1a0ed04bae6390b99611387ac689094f540a22333627bf1147c8f4fbb60c4ff59a8

    • SSDEEP

      1536:ODfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:wiRTeH0iqAW6J6f1tqF6dngNmaZCia

    Score
    10/10
    neconydtrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks