neconyd | 936dbadef8ec653ecd3da381fa4b4a0c4f2a17c03b88d96d93a3da72a833f9c0 | Triage

Sharing

General

Target

936dbadef8ec653ecd3da381fa4b4a0c4f2a17c03b88d96d93a3da72a833f9c0N.exe
Size

76KB
Sample

241130-h9x5dssncn
MD5

4ca384ece866884af75be9817b493e80
SHA1

ec44e7ed30e89185da606e3b25e76d0311cfc511
SHA256

936dbadef8ec653ecd3da381fa4b4a0c4f2a17c03b88d96d93a3da72a833f9c0
SHA512

be09410f1a20a77e45ccb1eeba08517ab6869bbe79a51dc7c0c2c3c63b097b372d0fda5ed558fe5b3119d273e21d6210bb4e168dbcbc7a1bdfb18b6d223739ca
SSDEEP

1536:Ed9dseIOcE93NIvYvZEyFhEEOF6N4yS+AQmZTl/5s11:8dseIOKEZEyF6EOFqTiQm5l/5s11

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  936dbadef8ec653ecd3da381fa4b4a0c4f2a17c03b88d96d93a3da72a833f9c0N.exe
- Size
  
  76KB
- MD5
  
  4ca384ece866884af75be9817b493e80
- SHA1
  
  ec44e7ed30e89185da606e3b25e76d0311cfc511
- SHA256
  
  936dbadef8ec653ecd3da381fa4b4a0c4f2a17c03b88d96d93a3da72a833f9c0
- SHA512
  
  be09410f1a20a77e45ccb1eeba08517ab6869bbe79a51dc7c0c2c3c63b097b372d0fda5ed558fe5b3119d273e21d6210bb4e168dbcbc7a1bdfb18b6d223739ca
- SSDEEP
  
  1536:Ed9dseIOcE93NIvYvZEyFhEEOF6N4yS+AQmZTl/5s11:8dseIOKEZEyF6EOFqTiQm5l/5s11
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan