neconyd | dbbbda7913e0c7b458ce9d2a05a2001dc135da308499ae28bbb883922bbbe869 | Triage

Sharing

General

Target

dbbbda7913e0c7b458ce9d2a05a2001dc135da308499ae28bbb883922bbbe869
Size

96KB
Sample

240927-crra8sshpe
MD5

d9897cde7049a8005bb133bea32a429e
SHA1

25cde604b5366ed493d6d5580e6942b4811f3cb0
SHA256

dbbbda7913e0c7b458ce9d2a05a2001dc135da308499ae28bbb883922bbbe869
SHA512

32a94635060ea29841953312e5aa60276dab355f5433ea2693e27551d83a57924d40f6b7eb2942f0c55788cd279fa8d79f336877aad9baa3e48c5ebfc3f8c408
SSDEEP

1536:DnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:DGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  dbbbda7913e0c7b458ce9d2a05a2001dc135da308499ae28bbb883922bbbe869
- Size
  
  96KB
- MD5
  
  d9897cde7049a8005bb133bea32a429e
- SHA1
  
  25cde604b5366ed493d6d5580e6942b4811f3cb0
- SHA256
  
  dbbbda7913e0c7b458ce9d2a05a2001dc135da308499ae28bbb883922bbbe869
- SHA512
  
  32a94635060ea29841953312e5aa60276dab355f5433ea2693e27551d83a57924d40f6b7eb2942f0c55788cd279fa8d79f336877aad9baa3e48c5ebfc3f8c408
- SSDEEP
  
  1536:DnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:DGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan