neconyd | 0672e67c346a2f7e34187d701376de895be5abd192f8b09dc0dbef89f7e755c7 | Triage

Sharing

General

Target

0672e67c346a2f7e34187d701376de895be5abd192f8b09dc0dbef89f7e755c7N.exe
Size

76KB
Sample

241217-jwjkhsvrfq
MD5

f6147bdc684b02168004603bbe1d1f60
SHA1

dd1d9cb0d1d3c3078a30937d569244bc07bc72ba
SHA256

0672e67c346a2f7e34187d701376de895be5abd192f8b09dc0dbef89f7e755c7
SHA512

959e70c9b5b4d70509e703468b31bb7f7bbee34ad38e5c7471c6ff091872436d0cdc634a7e13b7bb315910dee81fd97fe6c015564b2e071b31e7e53362f962f7
SSDEEP

768:O2MEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAWb:/bIvYvZEyFKF6N4yS+AQmZTl/5Ob

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  0672e67c346a2f7e34187d701376de895be5abd192f8b09dc0dbef89f7e755c7N.exe
- Size
  
  76KB
- MD5
  
  f6147bdc684b02168004603bbe1d1f60
- SHA1
  
  dd1d9cb0d1d3c3078a30937d569244bc07bc72ba
- SHA256
  
  0672e67c346a2f7e34187d701376de895be5abd192f8b09dc0dbef89f7e755c7
- SHA512
  
  959e70c9b5b4d70509e703468b31bb7f7bbee34ad38e5c7471c6ff091872436d0cdc634a7e13b7bb315910dee81fd97fe6c015564b2e071b31e7e53362f962f7
- SSDEEP
  
  768:O2MEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAWb:/bIvYvZEyFKF6N4yS+AQmZTl/5Ob
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan