neconyd | c05356816d0f5f3a22531257b45dbb56fe15a7d8bcc58142cb5a89040b991d07 | Triage

Sharing

General

Target

c05356816d0f5f3a22531257b45dbb56fe15a7d8bcc58142cb5a89040b991d07
Size

96KB
Sample

241121-h5l7bszhlj
MD5

7beb27f76749602f71e980c0e44bae64
SHA1

dc19c7789d666a544e2ed9d2c35348cbafc3f955
SHA256

c05356816d0f5f3a22531257b45dbb56fe15a7d8bcc58142cb5a89040b991d07
SHA512

ac4815f8b935871d0281d0efc88dae08a84fd6fbfff871019b0bcfeb78a42e7a4463fc9ec68f5e8145d4673a358262db340f583a99b3a534b3c691b4adba3856
SSDEEP

1536:RnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:RGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c05356816d0f5f3a22531257b45dbb56fe15a7d8bcc58142cb5a89040b991d07
- Size
  
  96KB
- MD5
  
  7beb27f76749602f71e980c0e44bae64
- SHA1
  
  dc19c7789d666a544e2ed9d2c35348cbafc3f955
- SHA256
  
  c05356816d0f5f3a22531257b45dbb56fe15a7d8bcc58142cb5a89040b991d07
- SHA512
  
  ac4815f8b935871d0281d0efc88dae08a84fd6fbfff871019b0bcfeb78a42e7a4463fc9ec68f5e8145d4673a358262db340f583a99b3a534b3c691b4adba3856
- SSDEEP
  
  1536:RnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:RGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan