neconyd | 3f1143cb1cf8a167227df3421a8592b4dff4d30351888c889f8c55200ae4d8e3 | Triage

Sharing

General

Target

3f1143cb1cf8a167227df3421a8592b4dff4d30351888c889f8c55200ae4d8e3N.exe
Size

61KB
Sample

241202-waltzazqhq
MD5

41008581ed38f3986c92132eea3f6400
SHA1

955cf7067729afd5a123b997dc12e1d7d8497f15
SHA256

3f1143cb1cf8a167227df3421a8592b4dff4d30351888c889f8c55200ae4d8e3
SHA512

5338ae5fa2bcaee2a8e7a8e1e33c442ac221482e69598f686c63c94ba2f6e608ef0bfccfb6643c507b5347999175e0856ff5a36f0240c945a19ec6c81cdce82b
SSDEEP

1536:4d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZnql/5:IdseIOMEZEyFjEOFqTiQmFql/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  3f1143cb1cf8a167227df3421a8592b4dff4d30351888c889f8c55200ae4d8e3N.exe
- Size
  
  61KB
- MD5
  
  41008581ed38f3986c92132eea3f6400
- SHA1
  
  955cf7067729afd5a123b997dc12e1d7d8497f15
- SHA256
  
  3f1143cb1cf8a167227df3421a8592b4dff4d30351888c889f8c55200ae4d8e3
- SHA512
  
  5338ae5fa2bcaee2a8e7a8e1e33c442ac221482e69598f686c63c94ba2f6e608ef0bfccfb6643c507b5347999175e0856ff5a36f0240c945a19ec6c81cdce82b
- SSDEEP
  
  1536:4d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZnql/5:IdseIOMEZEyFjEOFqTiQmFql/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan