neconyd | 6a1b89f2ae611c917de7850eec73430b96531bf7f8b0767b73f1d2407bcea61b | Triage

Sharing

General

Target

6a1b89f2ae611c917de7850eec73430b96531bf7f8b0767b73f1d2407bcea61b.exe
Size

33KB
Sample

241205-tvha6sykhm
MD5

69f977832f61c475cc0494783f506520
SHA1

ec0855e68d06839eb9710017cc5cfd70d7ee2977
SHA256

6a1b89f2ae611c917de7850eec73430b96531bf7f8b0767b73f1d2407bcea61b
SHA512

cad3d6215a1206c4d980ceb879e2e63403741ee9426939dd1d75339acb7683e6d41bb64fad8e277f61fd704de0e29172ab67b9da45bbfdcc7f638230038b9aaa
SSDEEP

768:HfVhP/4kt3+9IV6Y90ksQ1oWHT0hh0vy9S5fsYGbTmoN/yE56hlSQ7D7:HfVRztyHo8QNHTk0qE5fslvN/956qA

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  6a1b89f2ae611c917de7850eec73430b96531bf7f8b0767b73f1d2407bcea61b.exe
- Size
  
  33KB
- MD5
  
  69f977832f61c475cc0494783f506520
- SHA1
  
  ec0855e68d06839eb9710017cc5cfd70d7ee2977
- SHA256
  
  6a1b89f2ae611c917de7850eec73430b96531bf7f8b0767b73f1d2407bcea61b
- SHA512
  
  cad3d6215a1206c4d980ceb879e2e63403741ee9426939dd1d75339acb7683e6d41bb64fad8e277f61fd704de0e29172ab67b9da45bbfdcc7f638230038b9aaa
- SSDEEP
  
  768:HfVhP/4kt3+9IV6Y90ksQ1oWHT0hh0vy9S5fsYGbTmoN/yE56hlSQ7D7:HfVRztyHo8QNHTk0qE5fslvN/956qA
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan