neconyd | 632c1f0f3391c57d6a035e8ac2f3a90c40f662652b52f19cd47cfa13de84b889 | Triage

Sharing

General

Target

632c1f0f3391c57d6a035e8ac2f3a90c40f662652b52f19cd47cfa13de84b889
Size

90KB
Sample

241122-anxyhawqar
MD5

a1ccfdb5868b1f6aa38509a93378748d
SHA1

6629955bd0a679f6475d29011f33c9a874c74436
SHA256

632c1f0f3391c57d6a035e8ac2f3a90c40f662652b52f19cd47cfa13de84b889
SHA512

522f0f7f863a01f0818a21fa1c80f8670f9af18afaf7d0641a37e04288edfe88f03748f84cbe1c7c4bb7541c54278632d3a58be956b15a737f01ea9e8a8fbb5f
SSDEEP

768:xMEIvFGvZEr8LFK0ic46N4zeSdPAHwmZGp6JXXlaa5uA:xbIvYvZEyFKF6N4aS5AQmZTl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  632c1f0f3391c57d6a035e8ac2f3a90c40f662652b52f19cd47cfa13de84b889
- Size
  
  90KB
- MD5
  
  a1ccfdb5868b1f6aa38509a93378748d
- SHA1
  
  6629955bd0a679f6475d29011f33c9a874c74436
- SHA256
  
  632c1f0f3391c57d6a035e8ac2f3a90c40f662652b52f19cd47cfa13de84b889
- SHA512
  
  522f0f7f863a01f0818a21fa1c80f8670f9af18afaf7d0641a37e04288edfe88f03748f84cbe1c7c4bb7541c54278632d3a58be956b15a737f01ea9e8a8fbb5f
- SSDEEP
  
  768:xMEIvFGvZEr8LFK0ic46N4zeSdPAHwmZGp6JXXlaa5uA:xbIvYvZEyFKF6N4aS5AQmZTl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan