neconyd | fc493e4f11bbbe90d34edc5de4417457023a416c07751760c2a4e75d65588542 | Triage

Sharing

General

Target

fc493e4f11bbbe90d34edc5de4417457023a416c07751760c2a4e75d65588542
Size

80KB
Sample

241127-gcl57awrcm
MD5

e2c7d1e70ac2703bbbcdc3cf21fd40ad
SHA1

f0494b727fc6f5d4fcc58f8e8b90ecf38cbcc0a9
SHA256

fc493e4f11bbbe90d34edc5de4417457023a416c07751760c2a4e75d65588542
SHA512

6ac5362cbfe9e8abb7f40b2a56223da7ab1808c5a0607e732954f98152c47f68df30cc887cfd52c6d87304110c42ed5a37c625023e4158ddd7f07e118502216f
SSDEEP

1536:fd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzz:XdseIOMEZEyFjEOFqTiQmOl/5xPvw3

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  fc493e4f11bbbe90d34edc5de4417457023a416c07751760c2a4e75d65588542
- Size
  
  80KB
- MD5
  
  e2c7d1e70ac2703bbbcdc3cf21fd40ad
- SHA1
  
  f0494b727fc6f5d4fcc58f8e8b90ecf38cbcc0a9
- SHA256
  
  fc493e4f11bbbe90d34edc5de4417457023a416c07751760c2a4e75d65588542
- SHA512
  
  6ac5362cbfe9e8abb7f40b2a56223da7ab1808c5a0607e732954f98152c47f68df30cc887cfd52c6d87304110c42ed5a37c625023e4158ddd7f07e118502216f
- SSDEEP
  
  1536:fd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzz:XdseIOMEZEyFjEOFqTiQmOl/5xPvw3
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan