neconyd | a72c7001af3c1186632aa490b0994b37523999f1ef83d22a175769eea589fa08 | Triage

Sharing

General

Target

a72c7001af3c1186632aa490b0994b37523999f1ef83d22a175769eea589fa08.exe
Size

96KB
Sample

241206-h6gy1awmew
MD5

61a1cb816a8894547b2256ee527225bf
SHA1

97f0ec975b33cf88b9e530bbec8adb1142e52a17
SHA256

a72c7001af3c1186632aa490b0994b37523999f1ef83d22a175769eea589fa08
SHA512

fe674302ac6df2b610d5f6799cfd42c9e33b26e5e97d977665aa84a61976b6a5a3e4aa78a97c9e2ad6f5200eec73e1fdf683e6e73288b259b213543d4026ff27
SSDEEP

1536:xnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxa:xGs8cd8eXlYairZYqMddH13a

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  a72c7001af3c1186632aa490b0994b37523999f1ef83d22a175769eea589fa08.exe
- Size
  
  96KB
- MD5
  
  61a1cb816a8894547b2256ee527225bf
- SHA1
  
  97f0ec975b33cf88b9e530bbec8adb1142e52a17
- SHA256
  
  a72c7001af3c1186632aa490b0994b37523999f1ef83d22a175769eea589fa08
- SHA512
  
  fe674302ac6df2b610d5f6799cfd42c9e33b26e5e97d977665aa84a61976b6a5a3e4aa78a97c9e2ad6f5200eec73e1fdf683e6e73288b259b213543d4026ff27
- SSDEEP
  
  1536:xnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxa:xGs8cd8eXlYairZYqMddH13a
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan