General

  • Target

    3b0bb2d7e1f2b827d845f6030a48b9b0_NeikiAnalytics.exe

  • Size

    134KB

  • Sample

    240618-mwmtqathrk

  • MD5

    3b0bb2d7e1f2b827d845f6030a48b9b0

  • SHA1

    7027dfd12f573863c5232538f4dfde25fdc8a047

  • SHA256

    cdae2ac36a74ac1a927a24784ab65549b0b036d5b16d5a5792a27909dd4d9d08

  • SHA512

    0d9a3574a97efad23896429ef7fcbcb4825312e9a2dedd9ef8fd4db624a3552c5f7972aacc5bba79bf83197543977da545920c750904613fc0c3ede917ac5c21

  • SSDEEP

    1536:0DfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:KiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      3b0bb2d7e1f2b827d845f6030a48b9b0_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
