neconyd | 7b18b0c800fa6563dead80123877ec493ad78a300f8737dab9530b7160c9dd84 | Triage

Sharing

General

Target

7b18b0c800fa6563dead80123877ec493ad78a300f8737dab9530b7160c9dd84
Size

96KB
Sample

241125-atxvpayjcs
MD5

1432a77502a82562f42531e215616b94
SHA1

6d18ec0ae18f84e782e65d537c1846969271a08c
SHA256

7b18b0c800fa6563dead80123877ec493ad78a300f8737dab9530b7160c9dd84
SHA512

cb5acfca96a9fbbb8575f21aefd74bfb9722140d95b12bf17c52dab8f8c60c4545c82c80fc4292544a6f1dd254f9b11c4ef57a7cc00f884da956108d61a68738
SSDEEP

1536:gnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxB:gGs8cd8eXlYairZYqMddH13B

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7b18b0c800fa6563dead80123877ec493ad78a300f8737dab9530b7160c9dd84
- Size
  
  96KB
- MD5
  
  1432a77502a82562f42531e215616b94
- SHA1
  
  6d18ec0ae18f84e782e65d537c1846969271a08c
- SHA256
  
  7b18b0c800fa6563dead80123877ec493ad78a300f8737dab9530b7160c9dd84
- SHA512
  
  cb5acfca96a9fbbb8575f21aefd74bfb9722140d95b12bf17c52dab8f8c60c4545c82c80fc4292544a6f1dd254f9b11c4ef57a7cc00f884da956108d61a68738
- SSDEEP
  
  1536:gnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxB:gGs8cd8eXlYairZYqMddH13B
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan