neconyd | 1fb13eb3c72f0d3fd6499b2730c9f0e6dd2c2502a5575ba7a2e554ca368476c7 | Triage

Sharing

General

Target

1fb13eb3c72f0d3fd6499b2730c9f0e6dd2c2502a5575ba7a2e554ca368476c7N.exe
Size

96KB
Sample

241215-3m7qjaspb1
MD5

b67bf83c78ed65549a8d17207df21650
SHA1

2555a01e772fd1f349128cf6e3daf275792885c7
SHA256

1fb13eb3c72f0d3fd6499b2730c9f0e6dd2c2502a5575ba7a2e554ca368476c7
SHA512

2664132b45f60357d2bd93689caf16c2123af1b86683228f08cf249ea8f82d774b8a2c94785cf37fb811de51265195c1ed358444f61ab29441246787c77a1006
SSDEEP

1536:QnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:QGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  1fb13eb3c72f0d3fd6499b2730c9f0e6dd2c2502a5575ba7a2e554ca368476c7N.exe
- Size
  
  96KB
- MD5
  
  b67bf83c78ed65549a8d17207df21650
- SHA1
  
  2555a01e772fd1f349128cf6e3daf275792885c7
- SHA256
  
  1fb13eb3c72f0d3fd6499b2730c9f0e6dd2c2502a5575ba7a2e554ca368476c7
- SHA512
  
  2664132b45f60357d2bd93689caf16c2123af1b86683228f08cf249ea8f82d774b8a2c94785cf37fb811de51265195c1ed358444f61ab29441246787c77a1006
- SSDEEP
  
  1536:QnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:QGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan