neconyd | 7bd63f0ea0fbfa0e7b6f68d2e026dfb71e8e278e316723fea0fc4f6ca32475e5 | Triage

Sharing

General

Target

7bd63f0ea0fbfa0e7b6f68d2e026dfb71e8e278e316723fea0fc4f6ca32475e5.exe
Size

134KB
Sample

241222-e1gjhatmam
MD5

51d01f0d8380c55b4601e419668a181b
SHA1

1639ad6d7cd81b6655084c9b8d6f53ae0ecdedb4
SHA256

7bd63f0ea0fbfa0e7b6f68d2e026dfb71e8e278e316723fea0fc4f6ca32475e5
SHA512

cb6dd53b7bd60fe5acbd497f818159e0dc04a4a685347f086f759f1ab6e572496dae11fdd9e4e9c83a15b13e8787aff33a49be8397c539f1a3f97c9aef2841c6
SSDEEP

1536:fDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCiH:LiRTeH0iqAW6J6f1tqF6dngNmaZCiaI

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7bd63f0ea0fbfa0e7b6f68d2e026dfb71e8e278e316723fea0fc4f6ca32475e5.exe
- Size
  
  134KB
- MD5
  
  51d01f0d8380c55b4601e419668a181b
- SHA1
  
  1639ad6d7cd81b6655084c9b8d6f53ae0ecdedb4
- SHA256
  
  7bd63f0ea0fbfa0e7b6f68d2e026dfb71e8e278e316723fea0fc4f6ca32475e5
- SHA512
  
  cb6dd53b7bd60fe5acbd497f818159e0dc04a4a685347f086f759f1ab6e572496dae11fdd9e4e9c83a15b13e8787aff33a49be8397c539f1a3f97c9aef2841c6
- SSDEEP
  
  1536:fDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCiH:LiRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan