Overview

overview

10

Static

static

3

64a90771be...cs.exe

windows7-x64

10

64a90771be...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    64a90771be406ebac840de56981e7ff0_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240607-sfjd9abb55

  • MD5

    64a90771be406ebac840de56981e7ff0

  • SHA1

    263893bba3c4a926573b33544130deb569e49adf

  • SHA256

    eb51d8b8ed5f1feba15cea3da543ec3723876c170dfd089b89f0c23f2e76588f

  • SHA512

    0c051f9f61fd9e5d292c3998670181f5b8daa72dbf1ef8d8a99cbf5d5fb6b3049ffebc7f31212ca99c54848921b1c93062058f7799cf8f73732db9dd8ccb2517

  • SSDEEP

    1536:9nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:9Gs8cd8eXlYairZYqMddH13L

Score
10/10
neconydtrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      64a90771be406ebac840de56981e7ff0_NeikiAnalytics.exe

    • Size

      96KB

    • MD5

      64a90771be406ebac840de56981e7ff0

    • SHA1

      263893bba3c4a926573b33544130deb569e49adf

    • SHA256

      eb51d8b8ed5f1feba15cea3da543ec3723876c170dfd089b89f0c23f2e76588f

    • SHA512

      0c051f9f61fd9e5d292c3998670181f5b8daa72dbf1ef8d8a99cbf5d5fb6b3049ffebc7f31212ca99c54848921b1c93062058f7799cf8f73732db9dd8ccb2517

    • SSDEEP

      1536:9nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:9Gs8cd8eXlYairZYqMddH13L

    Score
    10/10
    neconydtrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks