neconyd | e93941d6a5c98fad49f8daa385838193df1376353a63eef3bf5fe6242ee986ed | Triage

Sharing

General

Target

c428167f76e4ea77d9a6008201ab7120_NeikiAnalytics.exe
Size

134KB
Sample

240619-rwkftawhnq
MD5

c428167f76e4ea77d9a6008201ab7120
SHA1

a872612f34b145cc3e59e42193d5c6164c6eeb54
SHA256

e93941d6a5c98fad49f8daa385838193df1376353a63eef3bf5fe6242ee986ed
SHA512

d27eb55795d8c1439ab49b04d88382bf2cf21eaf01de4e77aa1bf9a1e17925942643ffc7fd01a8e7c3c12fc750c53703e49fc93fbd12f128aa73f82ec5c7a044
SSDEEP

1536:EDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:aiRTeH0iqAW6J6f1tqF6dngNmaZCia

Score

10^/10

neconyd trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c428167f76e4ea77d9a6008201ab7120_NeikiAnalytics.exe
- Size
  
  134KB
- MD5
  
  c428167f76e4ea77d9a6008201ab7120
- SHA1
  
  a872612f34b145cc3e59e42193d5c6164c6eeb54
- SHA256
  
  e93941d6a5c98fad49f8daa385838193df1376353a63eef3bf5fe6242ee986ed
- SHA512
  
  d27eb55795d8c1439ab49b04d88382bf2cf21eaf01de4e77aa1bf9a1e17925942643ffc7fd01a8e7c3c12fc750c53703e49fc93fbd12f128aa73f82ec5c7a044
- SSDEEP
  
  1536:EDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:aiRTeH0iqAW6J6f1tqF6dngNmaZCia
Score

10^/10

neconyd trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2