neconyd | 963f7765a42f2f317d1bbb10b2d888849d14c804652225cf953647609790fb74 | Triage

Sharing

General

Target

963f7765a42f2f317d1bbb10b2d888849d14c804652225cf953647609790fb74.exe
Size

65KB
Sample

241207-hptaps1nat
MD5

c29f518cfdda70b98868332f5e6595ca
SHA1

7a120d78fadb1317e675e4931e4f5ddbba9da508
SHA256

963f7765a42f2f317d1bbb10b2d888849d14c804652225cf953647609790fb74
SHA512

e0294036a0e8375921e349af80676571bfff47cb22593ee627741a8a175af1a3c2d04370248716b36b1d9f892ac2739486db76c348336329e1c376e6e3c5d718
SSDEEP

1536:ud9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZ/Hzl:2dseIO+EZEyFjEOFqTiQmRHzl

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  963f7765a42f2f317d1bbb10b2d888849d14c804652225cf953647609790fb74.exe
- Size
  
  65KB
- MD5
  
  c29f518cfdda70b98868332f5e6595ca
- SHA1
  
  7a120d78fadb1317e675e4931e4f5ddbba9da508
- SHA256
  
  963f7765a42f2f317d1bbb10b2d888849d14c804652225cf953647609790fb74
- SHA512
  
  e0294036a0e8375921e349af80676571bfff47cb22593ee627741a8a175af1a3c2d04370248716b36b1d9f892ac2739486db76c348336329e1c376e6e3c5d718
- SSDEEP
  
  1536:ud9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZ/Hzl:2dseIO+EZEyFjEOFqTiQmRHzl
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan