neconyd | 97292122b779b6ed6155a18294fc252db155411ae01e51e38f4f7c027cf606f1 | Triage

Sharing

General

Target

97292122b779b6ed6155a18294fc252db155411ae01e51e38f4f7c027cf606f1N
Size

80KB
Sample

240927-b3kr6a1fna
MD5

a18df377b1afe9e98cef42387cfc8760
SHA1

168bd8b5c5a2d59776167993c69c13d75cb78a8e
SHA256

97292122b779b6ed6155a18294fc252db155411ae01e51e38f4f7c027cf606f1
SHA512

f198a3e07d4294a9f7447a657780a6f0ad25123804492064fc3ad352b4b595da28ebd5b2ae5d7e3c9f34e92fe60b1a12ae56308f8caf7f653dc1a333c6f53ca9
SSDEEP

768:jfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:jfbIvYvZEyFKF6N4yS+AQmZTl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  97292122b779b6ed6155a18294fc252db155411ae01e51e38f4f7c027cf606f1N
- Size
  
  80KB
- MD5
  
  a18df377b1afe9e98cef42387cfc8760
- SHA1
  
  168bd8b5c5a2d59776167993c69c13d75cb78a8e
- SHA256
  
  97292122b779b6ed6155a18294fc252db155411ae01e51e38f4f7c027cf606f1
- SHA512
  
  f198a3e07d4294a9f7447a657780a6f0ad25123804492064fc3ad352b4b595da28ebd5b2ae5d7e3c9f34e92fe60b1a12ae56308f8caf7f653dc1a333c6f53ca9
- SSDEEP
  
  768:jfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:jfbIvYvZEyFKF6N4yS+AQmZTl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan