neconyd | 037d92ee0de7f8a39b5598edb1a79607ddcf2a2971adeeab2ce664dbe7902cfd | Triage

Sharing

General

Target

037d92ee0de7f8a39b5598edb1a79607ddcf2a2971adeeab2ce664dbe7902cfdN.exe
Size

96KB
Sample

241130-p1jnzatqcw
MD5

86185d1a81bf1ac265a5f0097c854dc0
SHA1

32a3b8cdc7d43e2f9c0be87601f4a328500306e8
SHA256

037d92ee0de7f8a39b5598edb1a79607ddcf2a2971adeeab2ce664dbe7902cfd
SHA512

ada2a2bb5fcc99929428eb2e221a7b2a76ee6939419beae237e1f40ce33e6bfe36d4e2bd5178d2bd722d28a03b21b3d652a711c6e381ac7f2c1fcb0d93dc8c4d
SSDEEP

1536:PnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxx:PGs8cd8eXlYairZYqMddH13x

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  037d92ee0de7f8a39b5598edb1a79607ddcf2a2971adeeab2ce664dbe7902cfdN.exe
- Size
  
  96KB
- MD5
  
  86185d1a81bf1ac265a5f0097c854dc0
- SHA1
  
  32a3b8cdc7d43e2f9c0be87601f4a328500306e8
- SHA256
  
  037d92ee0de7f8a39b5598edb1a79607ddcf2a2971adeeab2ce664dbe7902cfd
- SHA512
  
  ada2a2bb5fcc99929428eb2e221a7b2a76ee6939419beae237e1f40ce33e6bfe36d4e2bd5178d2bd722d28a03b21b3d652a711c6e381ac7f2c1fcb0d93dc8c4d
- SSDEEP
  
  1536:PnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxx:PGs8cd8eXlYairZYqMddH13x
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan