neconyd | 3084467274704f89cc85a340280df7f5afb86f1fc4cc95de3ab452a3235f843f | Triage

Sharing

General

Target

3084467274704f89cc85a340280df7f5afb86f1fc4cc95de3ab452a3235f843f.exe
Size

96KB
Sample

241202-pzmz1azjgq
MD5

2417ed6e2b275f1f0f254ffeecf1d9fe
SHA1

e77863df7b7a0983b5b4db7958dd301bfaa9b6dc
SHA256

3084467274704f89cc85a340280df7f5afb86f1fc4cc95de3ab452a3235f843f
SHA512

794f5a0587630a29fc3c91131d26d249b5acf47080b033558361b3edd5ceb4d0dabc2c20f85eef6aa16658794a878a60d332830084594a807249e666d528228f
SSDEEP

1536:QnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:QGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  3084467274704f89cc85a340280df7f5afb86f1fc4cc95de3ab452a3235f843f.exe
- Size
  
  96KB
- MD5
  
  2417ed6e2b275f1f0f254ffeecf1d9fe
- SHA1
  
  e77863df7b7a0983b5b4db7958dd301bfaa9b6dc
- SHA256
  
  3084467274704f89cc85a340280df7f5afb86f1fc4cc95de3ab452a3235f843f
- SHA512
  
  794f5a0587630a29fc3c91131d26d249b5acf47080b033558361b3edd5ceb4d0dabc2c20f85eef6aa16658794a878a60d332830084594a807249e666d528228f
- SSDEEP
  
  1536:QnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:QGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan