neconyd | 0970457ec5e1be106a356d6c657e11a6e5c4627724d74641915dd1dcd9698e28 | Triage

Sharing

General

Target

0970457ec5e1be106a356d6c657e11a6e5c4627724d74641915dd1dcd9698e28N.exe
Size

96KB
Sample

241205-q7dlzaxlds
MD5

9c367121455f7c190a2b95b57eb4f580
SHA1

80aa31fc53a3b99bfeda3f4ba8234f2bd8de98ef
SHA256

0970457ec5e1be106a356d6c657e11a6e5c4627724d74641915dd1dcd9698e28
SHA512

a419dc985d1188d35f9922d02baa73b86c9abdfba62293732d1caf9500940cc012f4ffba1aae87caede45d9772d90d8c0e8db6c419f3bfd9d5cd1605c126e8ac
SSDEEP

1536:gnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:gGs8cd8eXlYairZYqMddH137

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  0970457ec5e1be106a356d6c657e11a6e5c4627724d74641915dd1dcd9698e28N.exe
- Size
  
  96KB
- MD5
  
  9c367121455f7c190a2b95b57eb4f580
- SHA1
  
  80aa31fc53a3b99bfeda3f4ba8234f2bd8de98ef
- SHA256
  
  0970457ec5e1be106a356d6c657e11a6e5c4627724d74641915dd1dcd9698e28
- SHA512
  
  a419dc985d1188d35f9922d02baa73b86c9abdfba62293732d1caf9500940cc012f4ffba1aae87caede45d9772d90d8c0e8db6c419f3bfd9d5cd1605c126e8ac
- SSDEEP
  
  1536:gnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx7:gGs8cd8eXlYairZYqMddH137
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan