neconyd | 8bbf4cd485a5d6a2c3d17d88495bbf81392a9f60241d7c4cf8502688b5841c28 | Triage

Sharing

General

Target

8bbf4cd485a5d6a2c3d17d88495bbf81392a9f60241d7c4cf8502688b5841c28.exe
Size

88KB
Sample

241219-m51rya1qes
MD5

3aec4f04e9758e3fbb80b9f774907185
SHA1

13ba3a484de505ebe27e7fdfdce5f9c36451288b
SHA256

8bbf4cd485a5d6a2c3d17d88495bbf81392a9f60241d7c4cf8502688b5841c28
SHA512

2ddca3cd6e9af6d0bf7e9a718107191aefa3e13088f5b243c396033efcdf4331912f6c31a3f37fef87faa053a0df4adc4d5e04aac3b176b39b4d6a967dd52c32
SSDEEP

1536:md9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5r:edseIOMEZEyFjEOFqTiQm5l/5r

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  8bbf4cd485a5d6a2c3d17d88495bbf81392a9f60241d7c4cf8502688b5841c28.exe
- Size
  
  88KB
- MD5
  
  3aec4f04e9758e3fbb80b9f774907185
- SHA1
  
  13ba3a484de505ebe27e7fdfdce5f9c36451288b
- SHA256
  
  8bbf4cd485a5d6a2c3d17d88495bbf81392a9f60241d7c4cf8502688b5841c28
- SHA512
  
  2ddca3cd6e9af6d0bf7e9a718107191aefa3e13088f5b243c396033efcdf4331912f6c31a3f37fef87faa053a0df4adc4d5e04aac3b176b39b4d6a967dd52c32
- SSDEEP
  
  1536:md9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5r:edseIOMEZEyFjEOFqTiQm5l/5r
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan