neconyd | e07000219d5f7df830d1e1fd05e160872ec0530ad4472713f9136f5076903a90 | Triage

Sharing

General

Target

e07000219d5f7df830d1e1fd05e160872ec0530ad4472713f9136f5076903a90N.exe
Size

80KB
Sample

241203-wc4skawmbw
MD5

227e53f0ecbc0c1e7cdf9c00ef1fec50
SHA1

b52435e2b680c2ac4f6a81ba5fa14154c62346b4
SHA256

e07000219d5f7df830d1e1fd05e160872ec0530ad4472713f9136f5076903a90
SHA512

272e81a405148b4e91b5461543a112e2ff84ccdd3bbdce9e79112543b710ebed59718c0152125698406cc619e16bc314f5dea561369c1fb6e8263a663bb6cac8
SSDEEP

1536:Pd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzT:ndseIOMEZEyFjEOFqTiQmOl/5xPvwX

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  e07000219d5f7df830d1e1fd05e160872ec0530ad4472713f9136f5076903a90N.exe
- Size
  
  80KB
- MD5
  
  227e53f0ecbc0c1e7cdf9c00ef1fec50
- SHA1
  
  b52435e2b680c2ac4f6a81ba5fa14154c62346b4
- SHA256
  
  e07000219d5f7df830d1e1fd05e160872ec0530ad4472713f9136f5076903a90
- SHA512
  
  272e81a405148b4e91b5461543a112e2ff84ccdd3bbdce9e79112543b710ebed59718c0152125698406cc619e16bc314f5dea561369c1fb6e8263a663bb6cac8
- SSDEEP
  
  1536:Pd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzT:ndseIOMEZEyFjEOFqTiQmOl/5xPvwX
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan