neconyd | 46f9c033ee6db48d111dde50b68ac790ae0b201954bc1501e30a7f70f4597a3a | Triage

Sharing

General

Target

7b8000f9c01a420e8bbe8764221b88a0N
Size

96KB
Sample

240913-fwepsawcqm
MD5

7b8000f9c01a420e8bbe8764221b88a0
SHA1

240e672471aceb45b4fd9a0d9a2f0cb8db994323
SHA256

46f9c033ee6db48d111dde50b68ac790ae0b201954bc1501e30a7f70f4597a3a
SHA512

58706788e8e445cd8914d63b4ad3002b30c246d4313c97768360fc3767c80c5dc49abfe5849ac695b91aafac59586af6598bcf73d8606b6969810a2a5ba3c33b
SSDEEP

1536:dnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:dGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7b8000f9c01a420e8bbe8764221b88a0N
- Size
  
  96KB
- MD5
  
  7b8000f9c01a420e8bbe8764221b88a0
- SHA1
  
  240e672471aceb45b4fd9a0d9a2f0cb8db994323
- SHA256
  
  46f9c033ee6db48d111dde50b68ac790ae0b201954bc1501e30a7f70f4597a3a
- SHA512
  
  58706788e8e445cd8914d63b4ad3002b30c246d4313c97768360fc3767c80c5dc49abfe5849ac695b91aafac59586af6598bcf73d8606b6969810a2a5ba3c33b
- SSDEEP
  
  1536:dnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:dGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan