neconyd | 7565aa5ce8b7e1dff625ff07a018d969d4adf27331e90745ee7364bf304da0d1 | Triage

Sharing

General

Target

7565aa5ce8b7e1dff625ff07a018d969d4adf27331e90745ee7364bf304da0d1N.exe
Size

62KB
Sample

241123-decgzswpht
MD5

ebf9df8b042d4a4a335db2438f8782d0
SHA1

573b4d6140f3ba093a03fa1fea0573e6b66ebfc0
SHA256

7565aa5ce8b7e1dff625ff07a018d969d4adf27331e90745ee7364bf304da0d1
SHA512

779ebbf4c0f40af33b66ff881a3aeab984af7ba2b3d6c52599dfa5beddf2820265382f5c2035b6d7030ffd5a958ef4fc289c62f8e6f8c7d0301e5aa0f904d58e
SSDEEP

768:EMEIvFGvZEr8LFK0ic46N47eSdYAHwmZQp6JXXlaa5uA:EbIvYvZEyFKF6N4yS+AQmZtl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7565aa5ce8b7e1dff625ff07a018d969d4adf27331e90745ee7364bf304da0d1N.exe
- Size
  
  62KB
- MD5
  
  ebf9df8b042d4a4a335db2438f8782d0
- SHA1
  
  573b4d6140f3ba093a03fa1fea0573e6b66ebfc0
- SHA256
  
  7565aa5ce8b7e1dff625ff07a018d969d4adf27331e90745ee7364bf304da0d1
- SHA512
  
  779ebbf4c0f40af33b66ff881a3aeab984af7ba2b3d6c52599dfa5beddf2820265382f5c2035b6d7030ffd5a958ef4fc289c62f8e6f8c7d0301e5aa0f904d58e
- SSDEEP
  
  768:EMEIvFGvZEr8LFK0ic46N47eSdYAHwmZQp6JXXlaa5uA:EbIvYvZEyFKF6N4yS+AQmZtl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan