neconyd | e397fae69e49b86e344300cf644567a3ded2a81e0dacf0264b615198b5371426 | Triage

Sharing

General

Target

e397fae69e49b86e344300cf644567a3ded2a81e0dacf0264b615198b5371426.exe
Size

96KB
Sample

241201-r3xpqatpas
MD5

2aa5f89187fd0de3d66278fb5b6987f4
SHA1

5083dccbf23ecbe9ecb6194e0e2aa43665346b8c
SHA256

e397fae69e49b86e344300cf644567a3ded2a81e0dacf0264b615198b5371426
SHA512

33f22042caf6b2b4aba48fa67262dbb96d7dfa46bc17749b7813863a243c33a640e8d5edce849ba211958e034b6e7f37fa81064efc85efd5ff73894f953185a2
SSDEEP

1536:JnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxZ:JGs8cd8eXlYairZYqMddH13Z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  e397fae69e49b86e344300cf644567a3ded2a81e0dacf0264b615198b5371426.exe
- Size
  
  96KB
- MD5
  
  2aa5f89187fd0de3d66278fb5b6987f4
- SHA1
  
  5083dccbf23ecbe9ecb6194e0e2aa43665346b8c
- SHA256
  
  e397fae69e49b86e344300cf644567a3ded2a81e0dacf0264b615198b5371426
- SHA512
  
  33f22042caf6b2b4aba48fa67262dbb96d7dfa46bc17749b7813863a243c33a640e8d5edce849ba211958e034b6e7f37fa81064efc85efd5ff73894f953185a2
- SSDEEP
  
  1536:JnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxZ:JGs8cd8eXlYairZYqMddH13Z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan