neconyd | 2944d44ccb1c0787f231269258c57e27b42efd654428a192277916a819ff8c92 | Triage

Sharing

General

Target

2944d44ccb1c0787f231269258c57e27b42efd654428a192277916a819ff8c92.exe
Size

80KB
Sample

241203-pegx9azpfq
MD5

6fb1b6705c3446294b6ec21dd1fffb1b
SHA1

a513dd2087a1c6c61941f9ed92a8911d8e66d7ff
SHA256

2944d44ccb1c0787f231269258c57e27b42efd654428a192277916a819ff8c92
SHA512

392665212563132805cacc8b2794040c77d9ed8dd615868fab326d5f88c3b59b10276d9a9d4b8e103d3547131a90f5f899a331a8a0958a5d9cda15a8837930b0
SSDEEP

768:FfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA6:FfbIvYvZEyFKF6N4yS+AQmZTl/5i

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  2944d44ccb1c0787f231269258c57e27b42efd654428a192277916a819ff8c92.exe
- Size
  
  80KB
- MD5
  
  6fb1b6705c3446294b6ec21dd1fffb1b
- SHA1
  
  a513dd2087a1c6c61941f9ed92a8911d8e66d7ff
- SHA256
  
  2944d44ccb1c0787f231269258c57e27b42efd654428a192277916a819ff8c92
- SHA512
  
  392665212563132805cacc8b2794040c77d9ed8dd615868fab326d5f88c3b59b10276d9a9d4b8e103d3547131a90f5f899a331a8a0958a5d9cda15a8837930b0
- SSDEEP
  
  768:FfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA6:FfbIvYvZEyFKF6N4yS+AQmZTl/5i
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan