neconyd | adb51f4110cdd56015557b44ff751ec1944ba17ce5f8ead5f4ef0c95ebd3e80b | Triage

Sharing

General

Target

adb51f4110cdd56015557b44ff751ec1944ba17ce5f8ead5f4ef0c95ebd3e80b.exe
Size

96KB
Sample

241201-s77wxsvpcx
MD5

ec04a3795de16f9dfeaa9edb70ace5fc
SHA1

1954ba36dd1d907f97763cb41eedf27de33a25cd
SHA256

adb51f4110cdd56015557b44ff751ec1944ba17ce5f8ead5f4ef0c95ebd3e80b
SHA512

4b6067df01b8e39c72e7ef9c2f3d65a271455e14182c8e9094c9490b93181267f32fdf936421a38f90c9b4246f640099cf98ff57b5dd6e6d79220477f93d3044
SSDEEP

1536:UnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxj:UGs8cd8eXlYairZYqMddH13j

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  adb51f4110cdd56015557b44ff751ec1944ba17ce5f8ead5f4ef0c95ebd3e80b.exe
- Size
  
  96KB
- MD5
  
  ec04a3795de16f9dfeaa9edb70ace5fc
- SHA1
  
  1954ba36dd1d907f97763cb41eedf27de33a25cd
- SHA256
  
  adb51f4110cdd56015557b44ff751ec1944ba17ce5f8ead5f4ef0c95ebd3e80b
- SHA512
  
  4b6067df01b8e39c72e7ef9c2f3d65a271455e14182c8e9094c9490b93181267f32fdf936421a38f90c9b4246f640099cf98ff57b5dd6e6d79220477f93d3044
- SSDEEP
  
  1536:UnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxj:UGs8cd8eXlYairZYqMddH13j
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan