Overview

overview

10

Static

static

3

3c4e37612e...cs.exe

windows7-x64

10

3c4e37612e...cs.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3c4e37612eae47d79a757385cd0c8990_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240617-dlcrbswamr

  • MD5

    3c4e37612eae47d79a757385cd0c8990

  • SHA1

    a7123106055de5243b49f7f9137c263bba2afe1d

  • SHA256

    e27dab0d47fb76223d85fbf1d88aedce2f7237cb4163c889678ac54f1a3d03ee

  • SHA512

    86daf6fa968dad1896ccd746de08ef32b53eb007fa60834b476d2a9275141399523cb9c15669e0be43cd3aa3a13726c2ec183923568dbc1a80b443bb8eae2320

  • SSDEEP

    1536:LnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:LGs8cd8eXlYairZYqMddH13L

Score
10/10
neconydtrojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      3c4e37612eae47d79a757385cd0c8990_NeikiAnalytics.exe

    • Size

      96KB

    • MD5

      3c4e37612eae47d79a757385cd0c8990

    • SHA1

      a7123106055de5243b49f7f9137c263bba2afe1d

    • SHA256

      e27dab0d47fb76223d85fbf1d88aedce2f7237cb4163c889678ac54f1a3d03ee

    • SHA512

      86daf6fa968dad1896ccd746de08ef32b53eb007fa60834b476d2a9275141399523cb9c15669e0be43cd3aa3a13726c2ec183923568dbc1a80b443bb8eae2320

    • SSDEEP

      1536:LnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:LGs8cd8eXlYairZYqMddH13L

    Score
    10/10
    neconydtrojan

    • Neconyd

      Neconyd is a trojan written in C++.

      trojanneconyd

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks