neconyd | e63d11953e9f0e0bbcdd29703739f98b99ac3ad7e3d1c75a6ee716d596b577eb | Triage

Sharing

General

Target

e63d11953e9f0e0bbcdd29703739f98b99ac3ad7e3d1c75a6ee716d596b577ebN.exe
Size

80KB
Sample

240927-cvxbnatbma
MD5

3ef104808f6e128031a2eabe91778990
SHA1

cf5bf941b64ed6429e0d66b6a7332ee541fcd293
SHA256

e63d11953e9f0e0bbcdd29703739f98b99ac3ad7e3d1c75a6ee716d596b577eb
SHA512

6f56d3acd2e09eb925f742346930e63d4a8c90ea51918a698ab9cf6561bccbf6cc2d990b5b3703359bb2a9f83d3dbfb1d6d0194bc431deeedc5f05f4cd3c5490
SSDEEP

768:qfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:qfbIvYvZEyFKF6N4yS+AQmZTl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  e63d11953e9f0e0bbcdd29703739f98b99ac3ad7e3d1c75a6ee716d596b577ebN.exe
- Size
  
  80KB
- MD5
  
  3ef104808f6e128031a2eabe91778990
- SHA1
  
  cf5bf941b64ed6429e0d66b6a7332ee541fcd293
- SHA256
  
  e63d11953e9f0e0bbcdd29703739f98b99ac3ad7e3d1c75a6ee716d596b577eb
- SHA512
  
  6f56d3acd2e09eb925f742346930e63d4a8c90ea51918a698ab9cf6561bccbf6cc2d990b5b3703359bb2a9f83d3dbfb1d6d0194bc431deeedc5f05f4cd3c5490
- SSDEEP
  
  768:qfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:qfbIvYvZEyFKF6N4yS+AQmZTl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan