neconyd | 79f8d05eaaee25f33b210c8492f489ac1579a22ccee7cd89d3d758c920cdd228 | Triage

Sharing

General

Target

79f8d05eaaee25f33b210c8492f489ac1579a22ccee7cd89d3d758c920cdd228
Size

96KB
Sample

241128-alen5ssrfn
MD5

0b32125002b67d709d253016765b787f
SHA1

d2d8b89781791d34def210ea29486033cff64e1c
SHA256

79f8d05eaaee25f33b210c8492f489ac1579a22ccee7cd89d3d758c920cdd228
SHA512

eee8a9eb9a179c9e4204720770ec561309023b5eeeea93c104577fa078e423e248876cfba33b7ad99c27554f1ca1376c902fe56e62a6793414bdda6399a3daa0
SSDEEP

1536:ZnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxh:ZGs8cd8eXlYairZYqMddH13h

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  79f8d05eaaee25f33b210c8492f489ac1579a22ccee7cd89d3d758c920cdd228
- Size
  
  96KB
- MD5
  
  0b32125002b67d709d253016765b787f
- SHA1
  
  d2d8b89781791d34def210ea29486033cff64e1c
- SHA256
  
  79f8d05eaaee25f33b210c8492f489ac1579a22ccee7cd89d3d758c920cdd228
- SHA512
  
  eee8a9eb9a179c9e4204720770ec561309023b5eeeea93c104577fa078e423e248876cfba33b7ad99c27554f1ca1376c902fe56e62a6793414bdda6399a3daa0
- SSDEEP
  
  1536:ZnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxh:ZGs8cd8eXlYairZYqMddH13h
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan