neconyd | cea82711c690c0f7609908ff9c2458ab95499dea52f7ff7ff23ed710a39c6390 | Triage

Sharing

General

Target

cea82711c690c0f7609908ff9c2458ab95499dea52f7ff7ff23ed710a39c6390N.exe
Size

96KB
Sample

241201-nfh19svkfj
MD5

41aee7ba2ed1d13c4a4850a14b24f380
SHA1

563f3f4333416ec0701e7ca26e5f7088572e70f5
SHA256

cea82711c690c0f7609908ff9c2458ab95499dea52f7ff7ff23ed710a39c6390
SHA512

231984c5f4e7563b028afbdc218fc5625ed392b1e2c9a85a11c5587b444bc5ac8b726656a232416550ab00edaf965aa962bbf016cc5034340dbe1257b7f1b156
SSDEEP

1536:QnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:QGs8cd8eXlYairZYqMddH137

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  cea82711c690c0f7609908ff9c2458ab95499dea52f7ff7ff23ed710a39c6390N.exe
- Size
  
  96KB
- MD5
  
  41aee7ba2ed1d13c4a4850a14b24f380
- SHA1
  
  563f3f4333416ec0701e7ca26e5f7088572e70f5
- SHA256
  
  cea82711c690c0f7609908ff9c2458ab95499dea52f7ff7ff23ed710a39c6390
- SHA512
  
  231984c5f4e7563b028afbdc218fc5625ed392b1e2c9a85a11c5587b444bc5ac8b726656a232416550ab00edaf965aa962bbf016cc5034340dbe1257b7f1b156
- SSDEEP
  
  1536:QnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:QGs8cd8eXlYairZYqMddH137
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan