neconyd | 5dc8b5e5e90f742b722dbdaba5d781058fe0cf86ab4baa773bb2652b03373e38 | Triage

Sharing

General

Target

5dc8b5e5e90f742b722dbdaba5d781058fe0cf86ab4baa773bb2652b03373e38
Size

84KB
Sample

241122-2yba2a1pg1
MD5

4ee95df8b9ce1fbb4655482f0ac56717
SHA1

8ff3cb08e445648e51272aebac9f81dc26001c99
SHA256

5dc8b5e5e90f742b722dbdaba5d781058fe0cf86ab4baa773bb2652b03373e38
SHA512

f8afb346d8465e8f2d55487327c6d303d02898d79e006386929933fa93fb62be5ba291932c82a6fea732ed52d6799b761ec9f9c32776753a79846df1af4fd5a0
SSDEEP

1536:od9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5:YdseIOMEZEyFjEOFqTiQm5l/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  5dc8b5e5e90f742b722dbdaba5d781058fe0cf86ab4baa773bb2652b03373e38
- Size
  
  84KB
- MD5
  
  4ee95df8b9ce1fbb4655482f0ac56717
- SHA1
  
  8ff3cb08e445648e51272aebac9f81dc26001c99
- SHA256
  
  5dc8b5e5e90f742b722dbdaba5d781058fe0cf86ab4baa773bb2652b03373e38
- SHA512
  
  f8afb346d8465e8f2d55487327c6d303d02898d79e006386929933fa93fb62be5ba291932c82a6fea732ed52d6799b761ec9f9c32776753a79846df1af4fd5a0
- SSDEEP
  
  1536:od9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5:YdseIOMEZEyFjEOFqTiQm5l/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan