neconyd | 4bc709172ebb1582a8ab25339891d45c3130abf98a6d54f0d7eb085f4c739b35 | Triage

Sharing

General

Target

4bc709172ebb1582a8ab25339891d45c3130abf98a6d54f0d7eb085f4c739b35N.exe
Size

72KB
Sample

241220-a2y3qavkey
MD5

0c3cd0b70f7e5be5317106daf79ee2d0
SHA1

ef2db927ed0fd8e4eaa498c5abc28cc50e2eed22
SHA256

4bc709172ebb1582a8ab25339891d45c3130abf98a6d54f0d7eb085f4c739b35
SHA512

1b7befe58e91e9b7f4a4f978fb2d7d87cf5d392993c6d0fc83ee9a03e7ee7a9d819368ca4a3bf456fda61e1fa89aaeb60ee6a5bdf96508251c988dbfd9a693aa
SSDEEP

1536:Td9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/52119:TdseIOMEZEyFjEOFqTiQm5l/52119

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  4bc709172ebb1582a8ab25339891d45c3130abf98a6d54f0d7eb085f4c739b35N.exe
- Size
  
  72KB
- MD5
  
  0c3cd0b70f7e5be5317106daf79ee2d0
- SHA1
  
  ef2db927ed0fd8e4eaa498c5abc28cc50e2eed22
- SHA256
  
  4bc709172ebb1582a8ab25339891d45c3130abf98a6d54f0d7eb085f4c739b35
- SHA512
  
  1b7befe58e91e9b7f4a4f978fb2d7d87cf5d392993c6d0fc83ee9a03e7ee7a9d819368ca4a3bf456fda61e1fa89aaeb60ee6a5bdf96508251c988dbfd9a693aa
- SSDEEP
  
  1536:Td9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/52119:TdseIOMEZEyFjEOFqTiQm5l/52119
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan