neconyd | 1f2d0d245c91e112cb44208bd4f47bdd067f6a1ef9c7f8e33f3d49db784f715a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f2d0d245c91e112cb44208bd4f47bdd067f6a1ef9c7f8e33f3d49db784f715a_NeikiAnalytics
Size

96KB
Sample

240521-jtcdesdg41
MD5

7ec381c4b60d6d4bb8c153c3e1827110
SHA1

0f41884d1f4093b53849a3de27b1886f621c63a4
SHA256

1f2d0d245c91e112cb44208bd4f47bdd067f6a1ef9c7f8e33f3d49db784f715a
SHA512

0e05d6e74b8a229f5f14e8e76d60d2d7bbdb8d536bba330900ac9394eb8d6ba8b661abedeff9dfc3f6055b788b43a9bd1ade38889a8c98af0c7ed8945cb989fd
SSDEEP

1536:KnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:KGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  1f2d0d245c91e112cb44208bd4f47bdd067f6a1ef9c7f8e33f3d49db784f715a_NeikiAnalytics
- Size
  
  96KB
- MD5
  
  7ec381c4b60d6d4bb8c153c3e1827110
- SHA1
  
  0f41884d1f4093b53849a3de27b1886f621c63a4
- SHA256
  
  1f2d0d245c91e112cb44208bd4f47bdd067f6a1ef9c7f8e33f3d49db784f715a
- SHA512
  
  0e05d6e74b8a229f5f14e8e76d60d2d7bbdb8d536bba330900ac9394eb8d6ba8b661abedeff9dfc3f6055b788b43a9bd1ade38889a8c98af0c7ed8945cb989fd
- SSDEEP
  
  1536:KnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:KGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2