neconyd | 41d0d4f7596557eb029b31db122d783e43ef69904159fc6db41b5327a69a1b18 | Triage

Sharing

General

Target

41d0d4f7596557eb029b31db122d783e43ef69904159fc6db41b5327a69a1b18_NeikiAnalytics.exe
Size

134KB
Sample

240626-dlj6eatgnn
MD5

79ff15a88c82d0e55b21767f90191490
SHA1

79c5734e3ae9604b52c902be5d4c1d162e76d0f8
SHA256

41d0d4f7596557eb029b31db122d783e43ef69904159fc6db41b5327a69a1b18
SHA512

4c428c5225bb7c1caab282bd4ce3f72884bb66a9c131b344c9b04b0cde6ab0ff5dae9214ac7a9455afba038cc5a383421106061114787406bd8ac0e02cebd8ba
SSDEEP

1536:DDfDbhERTatPLTH0NqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwC7M:PiRTeH0NqAW6J6f1tqF6dngNmaZC7M

Score

10^/10

neconyd trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  41d0d4f7596557eb029b31db122d783e43ef69904159fc6db41b5327a69a1b18_NeikiAnalytics.exe
- Size
  
  134KB
- MD5
  
  79ff15a88c82d0e55b21767f90191490
- SHA1
  
  79c5734e3ae9604b52c902be5d4c1d162e76d0f8
- SHA256
  
  41d0d4f7596557eb029b31db122d783e43ef69904159fc6db41b5327a69a1b18
- SHA512
  
  4c428c5225bb7c1caab282bd4ce3f72884bb66a9c131b344c9b04b0cde6ab0ff5dae9214ac7a9455afba038cc5a383421106061114787406bd8ac0e02cebd8ba
- SSDEEP
  
  1536:DDfDbhERTatPLTH0NqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwC7M:PiRTeH0NqAW6J6f1tqF6dngNmaZC7M
Score

10^/10

neconyd trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2