neconyd | 8030baff2641e9129651195963fcf581932762689ced6623b3ede223ce52bed4 | Triage

Sharing

General

Target

2025-04-06_95c55ca881eaad2bd0cc78e2397db250_amadey_rhadamanthys_smoke-loader
Size

134KB
Sample

250406-x58snawyfs
MD5

95c55ca881eaad2bd0cc78e2397db250
SHA1

60c91ef6bb168076252180eaa0d03de2fccbbb52
SHA256

8030baff2641e9129651195963fcf581932762689ced6623b3ede223ce52bed4
SHA512

d8af069b2993b36563f04cc67f0181fe7600b629627a1ce8f168fff32a19660b78b2b5c827d40194cb8fe3e647f51a2b840bb68e7b9079998aad98a901c5b7ec
SSDEEP

1536:ADfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:2iRTeH0iqAW6J6f1tqF6dngNmaZCia

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  2025-04-06_95c55ca881eaad2bd0cc78e2397db250_amadey_rhadamanthys_smoke-loader
- Size
  
  134KB
- MD5
  
  95c55ca881eaad2bd0cc78e2397db250
- SHA1
  
  60c91ef6bb168076252180eaa0d03de2fccbbb52
- SHA256
  
  8030baff2641e9129651195963fcf581932762689ced6623b3ede223ce52bed4
- SHA512
  
  d8af069b2993b36563f04cc67f0181fe7600b629627a1ce8f168fff32a19660b78b2b5c827d40194cb8fe3e647f51a2b840bb68e7b9079998aad98a901c5b7ec
- SSDEEP
  
  1536:ADfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:2iRTeH0iqAW6J6f1tqF6dngNmaZCia
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan