neconyd | befa2bdeeac47051ac9164f46b94dadf63aa4decb7e5007d5d6ffdf7876a52d2 | Triage

Sharing

General

Target

befa2bdeeac47051ac9164f46b94dadf63aa4decb7e5007d5d6ffdf7876a52d2.exe
Size

61KB
Sample

241119-whbc7sygqd
MD5

0dba0775cc9b5926f94321ce001ee641
SHA1

bf65e0f7a8ec59dcb41f18ec8b3ecd491e17732a
SHA256

befa2bdeeac47051ac9164f46b94dadf63aa4decb7e5007d5d6ffdf7876a52d2
SHA512

0ee85611fa9fabdcb2c8ad1480b827726f283c2f93f1ef44d21ad47a35487eab27c5c8e24c3d7bf2d220f16752d15c446fcf294f905628d0a9478f02f9f13692
SSDEEP

1536:Sd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZWl/5l:idseIOMEZEyFjEOFqTiQmUl/5l

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  befa2bdeeac47051ac9164f46b94dadf63aa4decb7e5007d5d6ffdf7876a52d2.exe
- Size
  
  61KB
- MD5
  
  0dba0775cc9b5926f94321ce001ee641
- SHA1
  
  bf65e0f7a8ec59dcb41f18ec8b3ecd491e17732a
- SHA256
  
  befa2bdeeac47051ac9164f46b94dadf63aa4decb7e5007d5d6ffdf7876a52d2
- SHA512
  
  0ee85611fa9fabdcb2c8ad1480b827726f283c2f93f1ef44d21ad47a35487eab27c5c8e24c3d7bf2d220f16752d15c446fcf294f905628d0a9478f02f9f13692
- SSDEEP
  
  1536:Sd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZWl/5l:idseIOMEZEyFjEOFqTiQmUl/5l
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan