neconyd | 65160ab09c829f6b86d9490800dbb3fa6cc00cc4cda575097e5cf8d28d554a54 | Triage

Sharing

General

Target

65160ab09c829f6b86d9490800dbb3fa6cc00cc4cda575097e5cf8d28d554a54.exe
Size

63KB
Sample

241123-zkdswsvrex
MD5

c034291b01512888c6733929044bdb1d
SHA1

15358430d3620520a07e015b9d5c5291ad244abd
SHA256

65160ab09c829f6b86d9490800dbb3fa6cc00cc4cda575097e5cf8d28d554a54
SHA512

4a6500c39f3154ed565898ed797d2ce167d919160882c7f323091368ebe1c49218505581586b1e9d0f05d30117a3896d24587c717232a993c8c0646d1696cebc
SSDEEP

1536:+d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5E:mdseIOMEZEyFjEOFqTiQm5l/5E

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  65160ab09c829f6b86d9490800dbb3fa6cc00cc4cda575097e5cf8d28d554a54.exe
- Size
  
  63KB
- MD5
  
  c034291b01512888c6733929044bdb1d
- SHA1
  
  15358430d3620520a07e015b9d5c5291ad244abd
- SHA256
  
  65160ab09c829f6b86d9490800dbb3fa6cc00cc4cda575097e5cf8d28d554a54
- SHA512
  
  4a6500c39f3154ed565898ed797d2ce167d919160882c7f323091368ebe1c49218505581586b1e9d0f05d30117a3896d24587c717232a993c8c0646d1696cebc
- SSDEEP
  
  1536:+d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5E:mdseIOMEZEyFjEOFqTiQm5l/5E
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan