neconyd | 7070841de014384b21cb6cbc5628968b71deb78d4943a8b44fcb03e7118f022a | Triage

Sharing

General

Target

7070841de014384b21cb6cbc5628968b71deb78d4943a8b44fcb03e7118f022aN.exe
Size

64KB
Sample

241207-1txssswkey
MD5

8ab619cd5a6d2f5d409c0abc95994a50
SHA1

b3fce16f122dbfa4ab28a23880e0e04c6ca9ba23
SHA256

7070841de014384b21cb6cbc5628968b71deb78d4943a8b44fcb03e7118f022a
SHA512

25aa58d7d9a0001b6f8e6d61fc676e4b8e79ee461212d1b7a4ea7d835bca8b26c07a29a08a5478801b98651b4749f140f2f651586d3f6f3b13e93851a41f7f4d
SSDEEP

768:MMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uA:MbIvYvZEyFKF6N4yS+AQmZcl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7070841de014384b21cb6cbc5628968b71deb78d4943a8b44fcb03e7118f022aN.exe
- Size
  
  64KB
- MD5
  
  8ab619cd5a6d2f5d409c0abc95994a50
- SHA1
  
  b3fce16f122dbfa4ab28a23880e0e04c6ca9ba23
- SHA256
  
  7070841de014384b21cb6cbc5628968b71deb78d4943a8b44fcb03e7118f022a
- SHA512
  
  25aa58d7d9a0001b6f8e6d61fc676e4b8e79ee461212d1b7a4ea7d835bca8b26c07a29a08a5478801b98651b4749f140f2f651586d3f6f3b13e93851a41f7f4d
- SSDEEP
  
  768:MMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uA:MbIvYvZEyFKF6N4yS+AQmZcl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan