neconyd | 64a97c2c5d777bd0121f7e6783103cdd931c3e4a9331724a13a8eb5b0f5f1cf9 | Triage

Sharing

General

Target

2025-04-06_7ccf748e802c7454801451137f4c6914_amadey_rhadamanthys_smoke-loader
Size

134KB
Sample

250406-klxj3axnv8
MD5

7ccf748e802c7454801451137f4c6914
SHA1

334294b4f37e702568feca00fafd35d725942d03
SHA256

64a97c2c5d777bd0121f7e6783103cdd931c3e4a9331724a13a8eb5b0f5f1cf9
SHA512

c2a3c5a58ad62059382da95a05397e37441d615e55fd0aa25131efa4daddfddd4cca5c062ca61d15e359e9c13d731dd715b68fc0e39f927e900017c79b225a14
SSDEEP

1536:yDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCi/:kiRTeH0iqAW6J6f1tqF6dngNmaZCiaI

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  2025-04-06_7ccf748e802c7454801451137f4c6914_amadey_rhadamanthys_smoke-loader
- Size
  
  134KB
- MD5
  
  7ccf748e802c7454801451137f4c6914
- SHA1
  
  334294b4f37e702568feca00fafd35d725942d03
- SHA256
  
  64a97c2c5d777bd0121f7e6783103cdd931c3e4a9331724a13a8eb5b0f5f1cf9
- SHA512
  
  c2a3c5a58ad62059382da95a05397e37441d615e55fd0aa25131efa4daddfddd4cca5c062ca61d15e359e9c13d731dd715b68fc0e39f927e900017c79b225a14
- SSDEEP
  
  1536:yDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCi/:kiRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan