neconyd | e3f9e5ac4f5771921487ce28ac4c1d63fc12b5460feb6afd65d5d9850a1dfdf7 | Triage

Sharing

General

Target

e3f9e5ac4f5771921487ce28ac4c1d63fc12b5460feb6afd65d5d9850a1dfdf7N.exe
Size

88KB
Sample

241216-fpcxlsvqht
MD5

90da53acc55d7dc094402216130d6fb0
SHA1

6514620fb963d50a859dd627c29aaea2dd3c1017
SHA256

e3f9e5ac4f5771921487ce28ac4c1d63fc12b5460feb6afd65d5d9850a1dfdf7
SHA512

379b1c0cb65f1b2656b995cd4e269dffb06cb6df5cb52bf0f6d5c55d309f68aac36740350968b1fe7afe71c245f2796f67f3e41a189c54aefe41d704745bddba
SSDEEP

1536:7d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5R:LdseIOMEZEyFjEOFqTiQm5l/5R

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  e3f9e5ac4f5771921487ce28ac4c1d63fc12b5460feb6afd65d5d9850a1dfdf7N.exe
- Size
  
  88KB
- MD5
  
  90da53acc55d7dc094402216130d6fb0
- SHA1
  
  6514620fb963d50a859dd627c29aaea2dd3c1017
- SHA256
  
  e3f9e5ac4f5771921487ce28ac4c1d63fc12b5460feb6afd65d5d9850a1dfdf7
- SHA512
  
  379b1c0cb65f1b2656b995cd4e269dffb06cb6df5cb52bf0f6d5c55d309f68aac36740350968b1fe7afe71c245f2796f67f3e41a189c54aefe41d704745bddba
- SSDEEP
  
  1536:7d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5R:LdseIOMEZEyFjEOFqTiQm5l/5R
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan