neconyd | c563c39bb2f300dc9dfa5c0b2fc266072a5c96ffc6f56b92df9d2f2dbd702868 | Triage

Sharing

General

Target

fcfeb20e420471971457ba0b64e0b55b_JaffaCakes118
Size

63KB
Sample

241218-y78fca1pen
MD5

fcfeb20e420471971457ba0b64e0b55b
SHA1

6d601d4939f0fcbb33add732bd232d9051764edb
SHA256

c563c39bb2f300dc9dfa5c0b2fc266072a5c96ffc6f56b92df9d2f2dbd702868
SHA512

869d3c30ca03bc2abb4b459673fc762149e6bf3fb0c4be858a63d16b92d4fa1c56891cd39a3d812120a309f9ebe76d182ec75c7942ba10a8396e3cf2b96c20fe
SSDEEP

768:vMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAW:vbIvYvZEyFKF6N4yS+AQmZTl/5O

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  fcfeb20e420471971457ba0b64e0b55b_JaffaCakes118
- Size
  
  63KB
- MD5
  
  fcfeb20e420471971457ba0b64e0b55b
- SHA1
  
  6d601d4939f0fcbb33add732bd232d9051764edb
- SHA256
  
  c563c39bb2f300dc9dfa5c0b2fc266072a5c96ffc6f56b92df9d2f2dbd702868
- SHA512
  
  869d3c30ca03bc2abb4b459673fc762149e6bf3fb0c4be858a63d16b92d4fa1c56891cd39a3d812120a309f9ebe76d182ec75c7942ba10a8396e3cf2b96c20fe
- SSDEEP
  
  768:vMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAW:vbIvYvZEyFKF6N4yS+AQmZTl/5O
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan