neconyd | db4f8711420185ac7f77c66c1d4a9a8f72959085f4dc6fa4fa494d13bad6b519 | Triage

Sharing

General

Target

db4f8711420185ac7f77c66c1d4a9a8f72959085f4dc6fa4fa494d13bad6b519N.exe
Size

96KB
Sample

241203-bxyrtssrcw
MD5

e1f2feffb32ad90c16b392d37cb81d10
SHA1

cea01145aa04eb43b1f738dd590167114cb86b93
SHA256

db4f8711420185ac7f77c66c1d4a9a8f72959085f4dc6fa4fa494d13bad6b519
SHA512

0b8c50233bc5179f6e55b20113746f651534520baec4b10def5d3939091fc521c3579584d8eb849138de9f1d83dc09c181689d9287ce410e08fa3b2511eb1dce
SSDEEP

1536:anAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxq:aGs8cd8eXlYairZYqMddH13q

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  db4f8711420185ac7f77c66c1d4a9a8f72959085f4dc6fa4fa494d13bad6b519N.exe
- Size
  
  96KB
- MD5
  
  e1f2feffb32ad90c16b392d37cb81d10
- SHA1
  
  cea01145aa04eb43b1f738dd590167114cb86b93
- SHA256
  
  db4f8711420185ac7f77c66c1d4a9a8f72959085f4dc6fa4fa494d13bad6b519
- SHA512
  
  0b8c50233bc5179f6e55b20113746f651534520baec4b10def5d3939091fc521c3579584d8eb849138de9f1d83dc09c181689d9287ce410e08fa3b2511eb1dce
- SSDEEP
  
  1536:anAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxq:aGs8cd8eXlYairZYqMddH13q
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan