General

  • Target

    959c9e32ffafbe2b02a33708f3032780_NeikiAnalytics.exe

  • Size

    134KB

  • Sample

    240619-gph93avgmf

  • MD5

    959c9e32ffafbe2b02a33708f3032780

  • SHA1

    9fb2ba57683f6a8a4681e0d346468772b3b499f7

  • SHA256

    5e022ad97643f02dca1260e34e98ecc31736bcef7f9f0691e9138887292f9c9f

  • SHA512

    d75d7479d7f5a883648ef5a92fb7dadbba87fcbfa2ce22aba0371b5f5587e7e4925ea1bc4dd5c0a6aaf8a8c5e9399ad7f62288811f0dce3b52c18f7f7a2ce305

  • SSDEEP

    1536:sDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:SiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      959c9e32ffafbe2b02a33708f3032780_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
