neconyd | adc9736e5c213fba5d47a7788f96cf26d7fdc76c42dfe5d9de6502e699e232b4 | Triage

Sharing

General

Target

adc9736e5c213fba5d47a7788f96cf26d7fdc76c42dfe5d9de6502e699e232b4
Size

76KB
Sample

241211-c3vg2asjhy
MD5

90caf5eae22950b61696d4ff2cb82c56
SHA1

5f9acc7c2e74b7e409cd7dafaed10f6c67bbab09
SHA256

adc9736e5c213fba5d47a7788f96cf26d7fdc76c42dfe5d9de6502e699e232b4
SHA512

8592fbd9730d5ca2a38ea5569b8ceb60790e53cd9a0a4ac2b8f0a2de5c2df60d3b1bb3deeb4a180d4711905edb44e5c5e78e40db5c6f6bc630859eb957913561
SSDEEP

1536:Ad9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11:gdseIOMEZEyFjEOFqaiQm5l/5w11

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  adc9736e5c213fba5d47a7788f96cf26d7fdc76c42dfe5d9de6502e699e232b4
- Size
  
  76KB
- MD5
  
  90caf5eae22950b61696d4ff2cb82c56
- SHA1
  
  5f9acc7c2e74b7e409cd7dafaed10f6c67bbab09
- SHA256
  
  adc9736e5c213fba5d47a7788f96cf26d7fdc76c42dfe5d9de6502e699e232b4
- SHA512
  
  8592fbd9730d5ca2a38ea5569b8ceb60790e53cd9a0a4ac2b8f0a2de5c2df60d3b1bb3deeb4a180d4711905edb44e5c5e78e40db5c6f6bc630859eb957913561
- SSDEEP
  
  1536:Ad9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11:gdseIOMEZEyFjEOFqaiQm5l/5w11
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan