neconyd | 2e12be0b08f4d6d4fb59bc6b580e1d703e5245c3f3ec1c1d4430891f7fb32237 | Triage

Sharing

General

Target

2e12be0b08f4d6d4fb59bc6b580e1d703e5245c3f3ec1c1d4430891f7fb32237
Size

61KB
Sample

241215-znx1yaykhr
MD5

bae8f8153cca690a28d4f9994d01e1cf
SHA1

dd7c227d54c3cd18f78f5311aaf60b63e278b97d
SHA256

2e12be0b08f4d6d4fb59bc6b580e1d703e5245c3f3ec1c1d4430891f7fb32237
SHA512

4730e80d64dac2ee3e6697560fbe51a8bbd823f89bd924bc66a02281bff91c451a05d30c313f31e4941f683fcabcde6918f96da0d7a76ccd67fc704048c19707
SSDEEP

1536:md9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZWl/5n:edseIOMEZEyFjEOFqTiQmUl/5n

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  2e12be0b08f4d6d4fb59bc6b580e1d703e5245c3f3ec1c1d4430891f7fb32237
- Size
  
  61KB
- MD5
  
  bae8f8153cca690a28d4f9994d01e1cf
- SHA1
  
  dd7c227d54c3cd18f78f5311aaf60b63e278b97d
- SHA256
  
  2e12be0b08f4d6d4fb59bc6b580e1d703e5245c3f3ec1c1d4430891f7fb32237
- SHA512
  
  4730e80d64dac2ee3e6697560fbe51a8bbd823f89bd924bc66a02281bff91c451a05d30c313f31e4941f683fcabcde6918f96da0d7a76ccd67fc704048c19707
- SSDEEP
  
  1536:md9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZWl/5n:edseIOMEZEyFjEOFqTiQmUl/5n
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan