neconyd | e38756b320f67949bc7b2fc64b6858678e156b43317915b7c782e597f698d014 | Triage

Sharing

General

Target

e38756b320f67949bc7b2fc64b6858678e156b43317915b7c782e597f698d014.exe
Size

96KB
Sample

241205-ky38datkgk
MD5

c5d27f97b4a50dc6a13f45a8ed2a9476
SHA1

dc06bb72c634658d7347009688980b841a8b4899
SHA256

e38756b320f67949bc7b2fc64b6858678e156b43317915b7c782e597f698d014
SHA512

653aabd8a7cf34d9c1f9861152b805d5bb5d2dff119dbb2edcff36784d71055ff4e33de19909e484b41cf96bb7e3b3158e9d9f6726cd923f5194cce4050cbf57
SSDEEP

1536:ZnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxj:ZGs8cd8eXlYairZYqMddH13j

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  e38756b320f67949bc7b2fc64b6858678e156b43317915b7c782e597f698d014.exe
- Size
  
  96KB
- MD5
  
  c5d27f97b4a50dc6a13f45a8ed2a9476
- SHA1
  
  dc06bb72c634658d7347009688980b841a8b4899
- SHA256
  
  e38756b320f67949bc7b2fc64b6858678e156b43317915b7c782e597f698d014
- SHA512
  
  653aabd8a7cf34d9c1f9861152b805d5bb5d2dff119dbb2edcff36784d71055ff4e33de19909e484b41cf96bb7e3b3158e9d9f6726cd923f5194cce4050cbf57
- SSDEEP
  
  1536:ZnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxj:ZGs8cd8eXlYairZYqMddH13j
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan