neconyd | 1f6a1cd3da3e91060569eeb65e387f5e4cef513d15ffc7daaad302ea5d6b3f76 | Triage

Sharing

General

Target

1f6a1cd3da3e91060569eeb65e387f5e4cef513d15ffc7daaad302ea5d6b3f76.exe
Size

61KB
Sample

241210-24e66stpet
MD5

58a9460b37d9363bb9c9dc9c5c4e42de
SHA1

bc0c589985451149f971676617412a06ebe4d143
SHA256

1f6a1cd3da3e91060569eeb65e387f5e4cef513d15ffc7daaad302ea5d6b3f76
SHA512

7b9d4c51aa37375c546cc72fc7f3447dd0206749c85cb9fc0f26391886c6c31a4775b89a68f64d7a2de64ebd0b1ee99295565d91a5adb791d82e1872f4e21fc7
SSDEEP

1536:Pd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZWl/5t:ndseIOMEZEyFjEOFqTiQmUl/5t

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  1f6a1cd3da3e91060569eeb65e387f5e4cef513d15ffc7daaad302ea5d6b3f76.exe
- Size
  
  61KB
- MD5
  
  58a9460b37d9363bb9c9dc9c5c4e42de
- SHA1
  
  bc0c589985451149f971676617412a06ebe4d143
- SHA256
  
  1f6a1cd3da3e91060569eeb65e387f5e4cef513d15ffc7daaad302ea5d6b3f76
- SHA512
  
  7b9d4c51aa37375c546cc72fc7f3447dd0206749c85cb9fc0f26391886c6c31a4775b89a68f64d7a2de64ebd0b1ee99295565d91a5adb791d82e1872f4e21fc7
- SSDEEP
  
  1536:Pd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZWl/5t:ndseIOMEZEyFjEOFqTiQmUl/5t
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan