neconyd | 4e3105834c6da882f47b353583e95aeef477ccb5187b0a65a1f32001062c8a4e | Triage

Sharing

General

Target

4e3105834c6da882f47b353583e95aeef477ccb5187b0a65a1f32001062c8a4e.exe
Size

96KB
Sample

241203-2t4f1syldx
MD5

20506b8e84787159e0193acda0990e3e
SHA1

10f672fd1f6a2041184ba0e6494250bb78dd8da9
SHA256

4e3105834c6da882f47b353583e95aeef477ccb5187b0a65a1f32001062c8a4e
SHA512

5caac43d66d54db0b9070d4329c6b14a48e63cea467c046f9be26167dcd23c49dbdf0e3e4bb2b85b12120621b087291f728dbce68398c7903a5bb92798f8ee82
SSDEEP

1536:FnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:FGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  4e3105834c6da882f47b353583e95aeef477ccb5187b0a65a1f32001062c8a4e.exe
- Size
  
  96KB
- MD5
  
  20506b8e84787159e0193acda0990e3e
- SHA1
  
  10f672fd1f6a2041184ba0e6494250bb78dd8da9
- SHA256
  
  4e3105834c6da882f47b353583e95aeef477ccb5187b0a65a1f32001062c8a4e
- SHA512
  
  5caac43d66d54db0b9070d4329c6b14a48e63cea467c046f9be26167dcd23c49dbdf0e3e4bb2b85b12120621b087291f728dbce68398c7903a5bb92798f8ee82
- SSDEEP
  
  1536:FnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:FGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan