neconyd | 291f3c0cf8f5cab4dcf2a9d4d9bcaf1bf1fb12aed3efb52adda441dbf7a3ef28 | Triage

Sharing

General

Target

291f3c0cf8f5cab4dcf2a9d4d9bcaf1bf1fb12aed3efb52adda441dbf7a3ef28N.exe
Size

76KB
Sample

241205-cxqa5azlbq
MD5

6828d009f206a96c7bb7227850d8b380
SHA1

1f180115a642cf68492d05183dbfe0a210555b7d
SHA256

291f3c0cf8f5cab4dcf2a9d4d9bcaf1bf1fb12aed3efb52adda441dbf7a3ef28
SHA512

6110aa557d970ed5a5f6263eec40c0d44f04b69f82cd89b8d07eeab25dc7f9720fb446e7bb6591b48d75656f4fa34cc48431cc181fcd44caf3b2452931b5fcbf
SSDEEP

768:KMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAW:KbIvYvZEyFKF6N4yS+AQmZTl/5O

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  291f3c0cf8f5cab4dcf2a9d4d9bcaf1bf1fb12aed3efb52adda441dbf7a3ef28N.exe
- Size
  
  76KB
- MD5
  
  6828d009f206a96c7bb7227850d8b380
- SHA1
  
  1f180115a642cf68492d05183dbfe0a210555b7d
- SHA256
  
  291f3c0cf8f5cab4dcf2a9d4d9bcaf1bf1fb12aed3efb52adda441dbf7a3ef28
- SHA512
  
  6110aa557d970ed5a5f6263eec40c0d44f04b69f82cd89b8d07eeab25dc7f9720fb446e7bb6591b48d75656f4fa34cc48431cc181fcd44caf3b2452931b5fcbf
- SSDEEP
  
  768:KMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAW:KbIvYvZEyFKF6N4yS+AQmZTl/5O
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan