neconyd | ebc74c046332585238d2fa83ba8ffd7a9a1ee699ecb099e1849daf4b2b1a606e | Triage

Sharing

General

Target

ebc74c046332585238d2fa83ba8ffd7a9a1ee699ecb099e1849daf4b2b1a606e
Size

61KB
Sample

241203-edfcxsymcs
MD5

30b78332b12da915a353d82b9707a34a
SHA1

fb10fb84b936d886b18b8b1d7880b5f681ba6dc9
SHA256

ebc74c046332585238d2fa83ba8ffd7a9a1ee699ecb099e1849daf4b2b1a606e
SHA512

3e7eff7aa24b70c927b5ef45caa87249e7de55c8f7d672c1923793b1cdff779dc4536a61854b57c4794f3f4b2abb1797451524f6e2d6e94d9b6c6e4b6417d786
SSDEEP

1536:nd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZ4l/5P:PdseIOMEZEyFjEOFqTiQmil/5P

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  ebc74c046332585238d2fa83ba8ffd7a9a1ee699ecb099e1849daf4b2b1a606e
- Size
  
  61KB
- MD5
  
  30b78332b12da915a353d82b9707a34a
- SHA1
  
  fb10fb84b936d886b18b8b1d7880b5f681ba6dc9
- SHA256
  
  ebc74c046332585238d2fa83ba8ffd7a9a1ee699ecb099e1849daf4b2b1a606e
- SHA512
  
  3e7eff7aa24b70c927b5ef45caa87249e7de55c8f7d672c1923793b1cdff779dc4536a61854b57c4794f3f4b2abb1797451524f6e2d6e94d9b6c6e4b6417d786
- SSDEEP
  
  1536:nd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZ4l/5P:PdseIOMEZEyFjEOFqTiQmil/5P
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan