General

  • Target

    2113dc820e082a6d3739b563cbd3e64ab3184dec68ba3b93d18a6d9a8771331a_NeikiAnalytics.exe

  • Size

    134KB

  • Sample

    240702-bftfsa1bqf

  • MD5

    f84edb5ec9838df02ce79f300a470d90

  • SHA1

    73037128c1cfcf4d86abec02520a8f82e76dfd4e

  • SHA256

    2113dc820e082a6d3739b563cbd3e64ab3184dec68ba3b93d18a6d9a8771331a

  • SHA512

    2f49df26df94e5d273aa732e2b95a58e6a253c33885b373c5d7b754b80abac15f89b5055a2c36ae7fcbcc6315344af110ed8f6a08cab9b3b0a6ee686b52d5a93

  • SSDEEP

    1536:RDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:xiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
