neconyd | b06d7cd428c59e8ed614c3bf2475cadb03e6d20299fca47fd545fe5f7993be37 | Triage

Sharing

General

Target

2b7b7ff52de860b729fdf80c48091be0N.exe
Size

134KB
Sample

240818-k75skawgpg
MD5

2b7b7ff52de860b729fdf80c48091be0
SHA1

ea9926aff20c7767152a41cd9755009146aeae8f
SHA256

b06d7cd428c59e8ed614c3bf2475cadb03e6d20299fca47fd545fe5f7993be37
SHA512

2df0b1699abb5bea2a5ee8cd5712c6e4a9fb5e8ffb79283be529ffb1bbbe72eee4c82db89f35f5ec1d529285d87f25f9c7787235648f66b62f7eea7f7fa5e967
SSDEEP

1536:sDfDbhERTatPLTH0NqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwC7M:SiRTeH0NqAW6J6f1tqF6dngNmaZC7M

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  2b7b7ff52de860b729fdf80c48091be0N.exe
- Size
  
  134KB
- MD5
  
  2b7b7ff52de860b729fdf80c48091be0
- SHA1
  
  ea9926aff20c7767152a41cd9755009146aeae8f
- SHA256
  
  b06d7cd428c59e8ed614c3bf2475cadb03e6d20299fca47fd545fe5f7993be37
- SHA512
  
  2df0b1699abb5bea2a5ee8cd5712c6e4a9fb5e8ffb79283be529ffb1bbbe72eee4c82db89f35f5ec1d529285d87f25f9c7787235648f66b62f7eea7f7fa5e967
- SSDEEP
  
  1536:sDfDbhERTatPLTH0NqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwC7M:SiRTeH0NqAW6J6f1tqF6dngNmaZC7M
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan