neconyd | 5824363188952406e7db4cc219ae680b7e8ba1a7f68f13bfdb18f040804d082b | Triage

Sharing

General

Target

5824363188952406e7db4cc219ae680b7e8ba1a7f68f13bfdb18f040804d082b.exe
Size

90KB
Sample

241211-h6g9rsxmdr
MD5

d8f41fa66b208c85a07f0b0f278289cf
SHA1

4995c9bc25e9b1c6eab7cb69afd46f00a8147f18
SHA256

5824363188952406e7db4cc219ae680b7e8ba1a7f68f13bfdb18f040804d082b
SHA512

bb6b950d9a029382e209237483a61ac9f8948fc67e5a9b3014e0da44c21052100a595e08f53e2a665fc1c2c0f4e924a7c9d42147553a0e15f7715af74f365950
SSDEEP

768:RMEIvFGvZEr8LFK0ic46N4zeSdPAHwmZGp6JXXlaa5uAa:RbIvYvZEyFKF6N4aS5AQmZTl/5i

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  5824363188952406e7db4cc219ae680b7e8ba1a7f68f13bfdb18f040804d082b.exe
- Size
  
  90KB
- MD5
  
  d8f41fa66b208c85a07f0b0f278289cf
- SHA1
  
  4995c9bc25e9b1c6eab7cb69afd46f00a8147f18
- SHA256
  
  5824363188952406e7db4cc219ae680b7e8ba1a7f68f13bfdb18f040804d082b
- SHA512
  
  bb6b950d9a029382e209237483a61ac9f8948fc67e5a9b3014e0da44c21052100a595e08f53e2a665fc1c2c0f4e924a7c9d42147553a0e15f7715af74f365950
- SSDEEP
  
  768:RMEIvFGvZEr8LFK0ic46N4zeSdPAHwmZGp6JXXlaa5uAa:RbIvYvZEyFKF6N4aS5AQmZTl/5i
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan