neconyd | 05e4b9fac690a0187d4087e0032e7add7b46d6147d62e72b602eabe02f8b9813 | Triage

Sharing

General

Target

05e4b9fac690a0187d4087e0032e7add7b46d6147d62e72b602eabe02f8b9813.exe
Size

64KB
Sample

241222-fzlmhavqhk
MD5

b888284da17f3143e6ff28052daa4b5a
SHA1

6264eb09d4b92b1e39d3a405e5c21a5805e19169
SHA256

05e4b9fac690a0187d4087e0032e7add7b46d6147d62e72b602eabe02f8b9813
SHA512

dc5cc5b1089f72b64e0445647c04d7edb2fc0cfb250ad04295e9b721bc91817db5f2ee6405f7e3f276ff0d2cc31458867dce28f4d150192db2730a741d74dfaf
SSDEEP

768:hMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAH:hbIvYvZEyFKF6N4yS+AQmZcl/5f

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  05e4b9fac690a0187d4087e0032e7add7b46d6147d62e72b602eabe02f8b9813.exe
- Size
  
  64KB
- MD5
  
  b888284da17f3143e6ff28052daa4b5a
- SHA1
  
  6264eb09d4b92b1e39d3a405e5c21a5805e19169
- SHA256
  
  05e4b9fac690a0187d4087e0032e7add7b46d6147d62e72b602eabe02f8b9813
- SHA512
  
  dc5cc5b1089f72b64e0445647c04d7edb2fc0cfb250ad04295e9b721bc91817db5f2ee6405f7e3f276ff0d2cc31458867dce28f4d150192db2730a741d74dfaf
- SSDEEP
  
  768:hMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAH:hbIvYvZEyFKF6N4yS+AQmZcl/5f
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan