neconyd | 0c60739d64182b0f0941ab1bde364d2a8ae938e3154373cb96d11a72f664cff3 | Triage

Sharing

General

Target

0c60739d64182b0f0941ab1bde364d2a8ae938e3154373cb96d11a72f664cff3.exe
Size

64KB
Sample

241205-nfapwsyjbr
MD5

c44f8b816073ca9d49f324ec821409a5
SHA1

b9c1b7c3558f2614ddc93a797dedf05c4ff02a83
SHA256

0c60739d64182b0f0941ab1bde364d2a8ae938e3154373cb96d11a72f664cff3
SHA512

3ea7a4174499d147ded7218caa02c7e07a898bd56729ff19d758ba5b63129e2178d4bd0ac0b0ac9b947bbbac87a8c9a839ba5b3e5e7299ffdc9a9519bd0ff83b
SSDEEP

768:bMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAv:bbIvYvZEyFKF6N4yS+AQmZcl/5H

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  0c60739d64182b0f0941ab1bde364d2a8ae938e3154373cb96d11a72f664cff3.exe
- Size
  
  64KB
- MD5
  
  c44f8b816073ca9d49f324ec821409a5
- SHA1
  
  b9c1b7c3558f2614ddc93a797dedf05c4ff02a83
- SHA256
  
  0c60739d64182b0f0941ab1bde364d2a8ae938e3154373cb96d11a72f664cff3
- SHA512
  
  3ea7a4174499d147ded7218caa02c7e07a898bd56729ff19d758ba5b63129e2178d4bd0ac0b0ac9b947bbbac87a8c9a839ba5b3e5e7299ffdc9a9519bd0ff83b
- SSDEEP
  
  768:bMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAv:bbIvYvZEyFKF6N4yS+AQmZcl/5H
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan