neconyd | 68071d20870b8833e1220a00f5486a421642ecff7f29951cf1fe7eb646441399 | Triage

Sharing

General

Target

68071d20870b8833e1220a00f5486a421642ecff7f29951cf1fe7eb646441399
Size

92KB
Sample

241120-3qd8dswaqd
MD5

587b6d81e23b25972132a72f2bb24d17
SHA1

dfff9825cbe8dcdfd2792990b7ad0cd9922a5b5f
SHA256

68071d20870b8833e1220a00f5486a421642ecff7f29951cf1fe7eb646441399
SHA512

11023f3a3e2c771d18a0f40313e230b035004a3df2691838fb47b2b31f7f5d01b23cae68b60d21e87c261f4ad4f5d4d7eb61c7bef5eed8e48199af922619e223
SSDEEP

1536:5d9dseIOcEr3bIvYvZEyF4EEOF6N4yS+AQmZTl/5:ZdseIOyEZEyFjEOFqTiQm5l/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  68071d20870b8833e1220a00f5486a421642ecff7f29951cf1fe7eb646441399
- Size
  
  92KB
- MD5
  
  587b6d81e23b25972132a72f2bb24d17
- SHA1
  
  dfff9825cbe8dcdfd2792990b7ad0cd9922a5b5f
- SHA256
  
  68071d20870b8833e1220a00f5486a421642ecff7f29951cf1fe7eb646441399
- SHA512
  
  11023f3a3e2c771d18a0f40313e230b035004a3df2691838fb47b2b31f7f5d01b23cae68b60d21e87c261f4ad4f5d4d7eb61c7bef5eed8e48199af922619e223
- SSDEEP
  
  1536:5d9dseIOcEr3bIvYvZEyF4EEOF6N4yS+AQmZTl/5:ZdseIOyEZEyFjEOFqTiQm5l/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan