General

  • Target

    4cb857672b37dedcb69b0313e437436b428ad4a2abab9f89d6fcdfc1df95ed9a_NeikiAnalytics.exe

  • Size

    96KB

  • Sample

    240702-rbs78avhqb

  • MD5

    8c6bb1ce97ec567195bbd6a829b89550

  • SHA1

    22d4d06109f01f4f97078c8b541916d751835e69

  • SHA256

    4cb857672b37dedcb69b0313e437436b428ad4a2abab9f89d6fcdfc1df95ed9a

  • SHA512

    4c160a4786586e2713a4a24b29c54fd41f62635ffef162be8ad4d4c40afc63d6e69948cb7edbed4289c8abfe6218345f1fc83894253fad589f9a78376958a1bb

  • SSDEEP

    1536:InAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:IGs8cd8eXlYairZYqMddH13L

Score
10/10

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    Score
    10/10
    • Neconyd

      Neconyd is a trojan written in C++.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
