neconyd | e19823d1263edbef945636c31007b9c79dd0c6a72bc11da015996210d7b622f7 | Triage

Sharing

General

Target

e19823d1263edbef945636c31007b9c79dd0c6a72bc11da015996210d7b622f7N.exe
Size

96KB
Sample

241201-n9wjfs1kfz
MD5

0d4c77c54e03092885eca451826d6600
SHA1

1bc3797d27d6eceee9ba08bb9db68307e413baf4
SHA256

e19823d1263edbef945636c31007b9c79dd0c6a72bc11da015996210d7b622f7
SHA512

417e8604b5fe1e1b59d9800262c252046a44a5ea4af73b7b1de38aed9d7cb27b1258ad25c511a11f567ac14f49ff44c717c84a8fd3f6b200cf487c7e02a4fa1e
SSDEEP

1536:hnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:hGs8cd8eXlYairZYqMddH137

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  e19823d1263edbef945636c31007b9c79dd0c6a72bc11da015996210d7b622f7N.exe
- Size
  
  96KB
- MD5
  
  0d4c77c54e03092885eca451826d6600
- SHA1
  
  1bc3797d27d6eceee9ba08bb9db68307e413baf4
- SHA256
  
  e19823d1263edbef945636c31007b9c79dd0c6a72bc11da015996210d7b622f7
- SHA512
  
  417e8604b5fe1e1b59d9800262c252046a44a5ea4af73b7b1de38aed9d7cb27b1258ad25c511a11f567ac14f49ff44c717c84a8fd3f6b200cf487c7e02a4fa1e
- SSDEEP
  
  1536:hnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:hGs8cd8eXlYairZYqMddH137
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan