neconyd | 75a188b4c356a3e828ca599520307fdfe1e498a7b2d1107c7b24ec8f62b152bb | Triage

Sharing

General

Target

75a188b4c356a3e828ca599520307fdfe1e498a7b2d1107c7b24ec8f62b152bb.exe
Size

96KB
Sample

241128-j1px4a1nas
MD5

df9340f20610303bda95c5e273e70ed4
SHA1

5e2357006b43d0d42e094b80735007bfef1b71bc
SHA256

75a188b4c356a3e828ca599520307fdfe1e498a7b2d1107c7b24ec8f62b152bb
SHA512

0b42e279b441c53513e7d1c50f30defa6f95fb71053b0f6721e4e9835c76c56ff2e3cfafeeedfea5d3d68ae2c5149bb9db6b6f7d9234b51e85745171e9a1b504
SSDEEP

1536:EnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxx:EGs8cd8eXlYairZYqMddH13x

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  75a188b4c356a3e828ca599520307fdfe1e498a7b2d1107c7b24ec8f62b152bb.exe
- Size
  
  96KB
- MD5
  
  df9340f20610303bda95c5e273e70ed4
- SHA1
  
  5e2357006b43d0d42e094b80735007bfef1b71bc
- SHA256
  
  75a188b4c356a3e828ca599520307fdfe1e498a7b2d1107c7b24ec8f62b152bb
- SHA512
  
  0b42e279b441c53513e7d1c50f30defa6f95fb71053b0f6721e4e9835c76c56ff2e3cfafeeedfea5d3d68ae2c5149bb9db6b6f7d9234b51e85745171e9a1b504
- SSDEEP
  
  1536:EnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxx:EGs8cd8eXlYairZYqMddH13x
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan