neconyd | bc81a8367c9c5970fdfd8b653319d5c86b787f7cf46db0040acfdb3a4e9af602 | Triage

Sharing

General

Target

bc81a8367c9c5970fdfd8b653319d5c86b787f7cf46db0040acfdb3a4e9af602N.exe
Size

61KB
Sample

241130-h1hy4sslgl
MD5

546baa01ff728e9da82b4e92ef66ed80
SHA1

76d58e0ef3fc4404558212cc38b3fe4814f03efe
SHA256

bc81a8367c9c5970fdfd8b653319d5c86b787f7cf46db0040acfdb3a4e9af602
SHA512

619a73362e672516a85af9802752622e7a25b55009772caf0f2373ebfefdf0c190df6524f53fe5b8fd9bd99d0d6b46eb2266a0df0bed60a8e950e607f45120d2
SSDEEP

1536:fd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZVl/5:XdseIOMEZEyFjEOFqTiQmzl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  bc81a8367c9c5970fdfd8b653319d5c86b787f7cf46db0040acfdb3a4e9af602N.exe
- Size
  
  61KB
- MD5
  
  546baa01ff728e9da82b4e92ef66ed80
- SHA1
  
  76d58e0ef3fc4404558212cc38b3fe4814f03efe
- SHA256
  
  bc81a8367c9c5970fdfd8b653319d5c86b787f7cf46db0040acfdb3a4e9af602
- SHA512
  
  619a73362e672516a85af9802752622e7a25b55009772caf0f2373ebfefdf0c190df6524f53fe5b8fd9bd99d0d6b46eb2266a0df0bed60a8e950e607f45120d2
- SSDEEP
  
  1536:fd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZVl/5:XdseIOMEZEyFjEOFqTiQmzl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan