neconyd | 674d56b5c25bb2e2d2bdaf44f626e6be22f1a8be941011a0b078488126cf46db | Triage

Sharing

General

Target

674d56b5c25bb2e2d2bdaf44f626e6be22f1a8be941011a0b078488126cf46db.exe
Size

96KB
Sample

241203-2mnrzsxrew
MD5

0b3b42bff5540bd1d729343bf6c84a34
SHA1

de07110e79b27a4e4f5835009ceae477170d9365
SHA256

674d56b5c25bb2e2d2bdaf44f626e6be22f1a8be941011a0b078488126cf46db
SHA512

7a68f9b93cfc117da0af0ecc9c6c4423456d2e9f7c5fee6194715bfbd2ca9d767d03ee0f761883585226e9cc4b1a4a192aec56e43e807ce317f33f61257bedcc
SSDEEP

1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxu:OGs8cd8eXlYairZYqMddH13u

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  674d56b5c25bb2e2d2bdaf44f626e6be22f1a8be941011a0b078488126cf46db.exe
- Size
  
  96KB
- MD5
  
  0b3b42bff5540bd1d729343bf6c84a34
- SHA1
  
  de07110e79b27a4e4f5835009ceae477170d9365
- SHA256
  
  674d56b5c25bb2e2d2bdaf44f626e6be22f1a8be941011a0b078488126cf46db
- SHA512
  
  7a68f9b93cfc117da0af0ecc9c6c4423456d2e9f7c5fee6194715bfbd2ca9d767d03ee0f761883585226e9cc4b1a4a192aec56e43e807ce317f33f61257bedcc
- SSDEEP
  
  1536:OnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxu:OGs8cd8eXlYairZYqMddH13u
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan