neconyd | 1bdfc8bc61ff3f0ddf6997276319dd8d087fd8ca6ede5fbb9d5637f4325868e9 | Triage

Sharing

General

Target

1bdfc8bc61ff3f0ddf6997276319dd8d087fd8ca6ede5fbb9d5637f4325868e9.exe
Size

62KB
Sample

241205-xag2fssrbl
MD5

3dcdb2d1d4ba8dfb3a9d6fe0b1b20e75
SHA1

bd322d374d7ec59ce7994fefb808ab42e51ea521
SHA256

1bdfc8bc61ff3f0ddf6997276319dd8d087fd8ca6ede5fbb9d5637f4325868e9
SHA512

5130d0939b8336d13173c97dd6720cc61d27d24ec5afc73fcb274c180843534052e09d30e4672753f8a8687fbde935ced8f6a961103bc4b6dd32c357aa673f93
SSDEEP

768:sMEIvFGvZEr8LFK0ic46N47eSdYAHwmZQp6JXXlaa5uA9:sbIvYvZEyFKF6N4yS+AQmZtl/5l

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  1bdfc8bc61ff3f0ddf6997276319dd8d087fd8ca6ede5fbb9d5637f4325868e9.exe
- Size
  
  62KB
- MD5
  
  3dcdb2d1d4ba8dfb3a9d6fe0b1b20e75
- SHA1
  
  bd322d374d7ec59ce7994fefb808ab42e51ea521
- SHA256
  
  1bdfc8bc61ff3f0ddf6997276319dd8d087fd8ca6ede5fbb9d5637f4325868e9
- SHA512
  
  5130d0939b8336d13173c97dd6720cc61d27d24ec5afc73fcb274c180843534052e09d30e4672753f8a8687fbde935ced8f6a961103bc4b6dd32c357aa673f93
- SSDEEP
  
  768:sMEIvFGvZEr8LFK0ic46N47eSdYAHwmZQp6JXXlaa5uA9:sbIvYvZEyFKF6N4yS+AQmZtl/5l
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan