neconyd | cbb7e7b66b2727947d94dbcbd2c6a6dfbdd6b9528644ad4d84b7729b2b19f934 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbb7e7b66b2727947d94dbcbd2c6a6dfbdd6b9528644ad4d84b7729b2b19f934N
Size

80KB
Sample

241018-m1jmvswaqk
MD5

d42c59f335bb36734807221779d9bdf0
SHA1

3c6b0260d1d83b2ef2e73b33f422f320bc7737c0
SHA256

cbb7e7b66b2727947d94dbcbd2c6a6dfbdd6b9528644ad4d84b7729b2b19f934
SHA512

45feaf191709ac07965596c3a51fb03d3ab1eb41aa1d41607bc707ad0d301fbc98d61c295c7c7b420f516e5a66221d5419059dda0c75c3ed450e2df5fe9ff2f2
SSDEEP

768:CfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:CfbIvYvZEyFKF6N4yS+AQmZTl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  cbb7e7b66b2727947d94dbcbd2c6a6dfbdd6b9528644ad4d84b7729b2b19f934N
- Size
  
  80KB
- MD5
  
  d42c59f335bb36734807221779d9bdf0
- SHA1
  
  3c6b0260d1d83b2ef2e73b33f422f320bc7737c0
- SHA256
  
  cbb7e7b66b2727947d94dbcbd2c6a6dfbdd6b9528644ad4d84b7729b2b19f934
- SHA512
  
  45feaf191709ac07965596c3a51fb03d3ab1eb41aa1d41607bc707ad0d301fbc98d61c295c7c7b420f516e5a66221d5419059dda0c75c3ed450e2df5fe9ff2f2
- SSDEEP
  
  768:CfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:CfbIvYvZEyFKF6N4yS+AQmZTl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan