General

  • Target

    2025-07-02_e1461b7314ba85934304f80026ea50c9_amadey_elex_rhadamanthys_smoke-loader_stop

  • Size

    134KB

  • Sample

    250702-xleepszvh1

  • MD5

    e1461b7314ba85934304f80026ea50c9

  • SHA1

    ca4b37eae633c47bc5c2bee2bae19dbb66fe09e3

  • SHA256

    0246f23dc4a41a8aa8f429b2e7a7a229ec65816537f213fc1c629c9919e7bf68

  • SHA512

    f54fe58e3933d8a4592078098f472625b3ced2b6e4449e32e2b708e913c28e80a5b7873a18ce7b42ea073afbf41459a8abbbe69adc6b7d231cdfd09584194a6f

  • SSDEEP

    1536:LDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:HiRTeH0iqAW6J6f1tqF6dngNmaZCia

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

    • Neconyd

      Neconyd is a trojan written in C++.

    • Neconyd family

    • Executes dropped EXE

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
