neconyd | 26ed2cf12ca492307b41428ad54f756109fc6d325fa1c16ee588c52487ddf956 | Triage

Sharing

General

Target

26ed2cf12ca492307b41428ad54f756109fc6d325fa1c16ee588c52487ddf956
Size

136KB
Sample

241125-zjx55sskdm
MD5

38a1819803dfc20820f119d913aa1246
SHA1

4387966799e66ef266e5118efbbc8a51f908ef8b
SHA256

26ed2cf12ca492307b41428ad54f756109fc6d325fa1c16ee588c52487ddf956
SHA512

4eb65fe1fb034d88719054371da49d7d7aad65f6a189828830fe3cfb5cb82044e4128acd318407f5b79bd20ca38507184f65682bcd9c89acad8ae1a3673caaa0
SSDEEP

3072:veVM037n8BMAW6J6f1tqF6dngNmaZrxS:6o9UPOQ

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  26ed2cf12ca492307b41428ad54f756109fc6d325fa1c16ee588c52487ddf956
- Size
  
  136KB
- MD5
  
  38a1819803dfc20820f119d913aa1246
- SHA1
  
  4387966799e66ef266e5118efbbc8a51f908ef8b
- SHA256
  
  26ed2cf12ca492307b41428ad54f756109fc6d325fa1c16ee588c52487ddf956
- SHA512
  
  4eb65fe1fb034d88719054371da49d7d7aad65f6a189828830fe3cfb5cb82044e4128acd318407f5b79bd20ca38507184f65682bcd9c89acad8ae1a3673caaa0
- SSDEEP
  
  3072:veVM037n8BMAW6J6f1tqF6dngNmaZrxS:6o9UPOQ
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan