General

  • Target

    18ea01866023499ee0a46c5985fd4870_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240610-ra9htayflm

  • MD5

    18ea01866023499ee0a46c5985fd4870

  • SHA1

    76d9d06f20cccf51503648a7b6c5e7c5e49a8944

  • SHA256

    95466c263a6855472fa597263d5114f73222508d09de7bd999641ac459e7567c

  • SHA512

    305ad1167dcfcda101266cc1e52fd2a047f43b451ea60899287ebaee92ada2b64b247cea6841a9b5619a0531350c119cd05f8f1494f4b9182014e4357455bfec

  • SSDEEP

    1536:5nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:5Gs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      18ea01866023499ee0a46c5985fd4870_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
