neconyd | 8eef017b3d7fa6ad6393f6fdbee9a9efd83f398bbb2884f555dba978e8f28b32 | Triage

Sharing

General

Target

8eef017b3d7fa6ad6393f6fdbee9a9efd83f398bbb2884f555dba978e8f28b32
Size

90KB
Sample

241129-bmfhhaxnes
MD5

6a95558edb58d716532ccd8add56f032
SHA1

3a31fe63998a1ad9c1e406f0e4fc0c8f0076a190
SHA256

8eef017b3d7fa6ad6393f6fdbee9a9efd83f398bbb2884f555dba978e8f28b32
SHA512

0f14609da9d6b048d4ca5ae9e4430db81eadd201a1a71b709d9a40d939812cbab7176f7395e75676b19d0949043aaac129a1bd3803a72ed65fbfe807726b2a09
SSDEEP

768:PMEIvFGvZEr8LFK0ic46N4zeSdPAHwmZGp6JXXlaa5uAa:PbIvYvZEyFKF6N4aS5AQmZTl/5i

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  8eef017b3d7fa6ad6393f6fdbee9a9efd83f398bbb2884f555dba978e8f28b32
- Size
  
  90KB
- MD5
  
  6a95558edb58d716532ccd8add56f032
- SHA1
  
  3a31fe63998a1ad9c1e406f0e4fc0c8f0076a190
- SHA256
  
  8eef017b3d7fa6ad6393f6fdbee9a9efd83f398bbb2884f555dba978e8f28b32
- SHA512
  
  0f14609da9d6b048d4ca5ae9e4430db81eadd201a1a71b709d9a40d939812cbab7176f7395e75676b19d0949043aaac129a1bd3803a72ed65fbfe807726b2a09
- SSDEEP
  
  768:PMEIvFGvZEr8LFK0ic46N4zeSdPAHwmZGp6JXXlaa5uAa:PbIvYvZEyFKF6N4aS5AQmZTl/5i
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan