General

  • Target

    9cef2defbef01d4f114f09aa573332f403d2aa1c1ec7e4e20f11f767c664e2e6_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240628-r46c9axfmj

  • MD5

    13785681fe554b4352437bb1401992e0

  • SHA1

    bb779ded51e8337137d3e79e6368d090569a5604

  • SHA256

    9cef2defbef01d4f114f09aa573332f403d2aa1c1ec7e4e20f11f767c664e2e6

  • SHA512

    b6e27a7d9fbe6357317232c7386cbaa42fa45e56e7910630cdba1caf3382bda162ed9a09a41154f2e0f6f37f2a146a8cd1d77bcd9909093f3ab6d9dccabae7dc

  • SSDEEP

    1536:knAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:kGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Target

      9cef2defbef01d4f114f09aa573332f403d2aa1c1ec7e4e20f11f767c664e2e6_NeikiAnalytics.exe

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
