neconyd | 87616dadd636635db90aeb8c405737bda8abd2ba8da8899d3aa754ca99d9cb4d | Triage

Sharing

General

Target

87616dadd636635db90aeb8c405737bda8abd2ba8da8899d3aa754ca99d9cb4d.exe
Size

80KB
Sample

241127-q9xsmawmaz
MD5

4d09d418e20dadaf6bb4b71b9e9b70f9
SHA1

a08239d7bbfb50e2b68a16373b090b63507316cc
SHA256

87616dadd636635db90aeb8c405737bda8abd2ba8da8899d3aa754ca99d9cb4d
SHA512

c1fd63cc5b078701d2f370400b93e8f703596f6eafb014a83861228babcaac01e83efd9369e182ad1c9520178f4195fdf6ab979fb50db6481a252684c2590beb
SSDEEP

1536:Cd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzT:ydseIOMEZEyFjEOFqTiQmOl/5xPvwX

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  87616dadd636635db90aeb8c405737bda8abd2ba8da8899d3aa754ca99d9cb4d.exe
- Size
  
  80KB
- MD5
  
  4d09d418e20dadaf6bb4b71b9e9b70f9
- SHA1
  
  a08239d7bbfb50e2b68a16373b090b63507316cc
- SHA256
  
  87616dadd636635db90aeb8c405737bda8abd2ba8da8899d3aa754ca99d9cb4d
- SHA512
  
  c1fd63cc5b078701d2f370400b93e8f703596f6eafb014a83861228babcaac01e83efd9369e182ad1c9520178f4195fdf6ab979fb50db6481a252684c2590beb
- SSDEEP
  
  1536:Cd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzT:ydseIOMEZEyFjEOFqTiQmOl/5xPvwX
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan