neconyd | b68591eb13ef7d336b16bad1d47bb38774d70c7c2a39cd5cd9777dd91de821e7 | Triage

Sharing

General

Target

b68591eb13ef7d336b16bad1d47bb38774d70c7c2a39cd5cd9777dd91de821e7.exe
Size

96KB
Sample

241204-x1aeaswrgv
MD5

522f6ff9d573cb5742ccc0ccf4f93242
SHA1

031d43c1cc38e28e4fbd62d90a59c44a2e77edda
SHA256

b68591eb13ef7d336b16bad1d47bb38774d70c7c2a39cd5cd9777dd91de821e7
SHA512

51d40f48ea7485543ec382866d42b35806c6f4924686060ca39c4ab5184f0bac9631ab84301c47e3b6b4c0efe8067eaad088b1abdab73909f86d9124275de72f
SSDEEP

1536:PnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxB:PGs8cd8eXlYairZYqMddH13B

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  b68591eb13ef7d336b16bad1d47bb38774d70c7c2a39cd5cd9777dd91de821e7.exe
- Size
  
  96KB
- MD5
  
  522f6ff9d573cb5742ccc0ccf4f93242
- SHA1
  
  031d43c1cc38e28e4fbd62d90a59c44a2e77edda
- SHA256
  
  b68591eb13ef7d336b16bad1d47bb38774d70c7c2a39cd5cd9777dd91de821e7
- SHA512
  
  51d40f48ea7485543ec382866d42b35806c6f4924686060ca39c4ab5184f0bac9631ab84301c47e3b6b4c0efe8067eaad088b1abdab73909f86d9124275de72f
- SSDEEP
  
  1536:PnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxB:PGs8cd8eXlYairZYqMddH13B
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan