neconyd | 53e5e852228ed1f8c8133d502d1f22f915f9a4b9f92667ed29281038eb2d5376 | Triage

Sharing

General

Target

028608a36f9f35248232e75da6ec2b30_NeikiAnalytics.exe
Size

96KB
Sample

240617-zyd1taybqn
MD5

028608a36f9f35248232e75da6ec2b30
SHA1

7e157d1b6d456a35196a81b0d2a9bb996eb0bffe
SHA256

53e5e852228ed1f8c8133d502d1f22f915f9a4b9f92667ed29281038eb2d5376
SHA512

ceccfdd0f7d414dbc8e9c269fa64b91b34c568543dfcb284c1015b5ed7eb2532f155b45584e584b23924a4baf4d536340d7e0289306e1f1d90ac667fa3904f0d
SSDEEP

1536:5nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:5Gs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  028608a36f9f35248232e75da6ec2b30_NeikiAnalytics.exe
- Size
  
  96KB
- MD5
  
  028608a36f9f35248232e75da6ec2b30
- SHA1
  
  7e157d1b6d456a35196a81b0d2a9bb996eb0bffe
- SHA256
  
  53e5e852228ed1f8c8133d502d1f22f915f9a4b9f92667ed29281038eb2d5376
- SHA512
  
  ceccfdd0f7d414dbc8e9c269fa64b91b34c568543dfcb284c1015b5ed7eb2532f155b45584e584b23924a4baf4d536340d7e0289306e1f1d90ac667fa3904f0d
- SSDEEP
  
  1536:5nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:5Gs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2