neconyd | 552f4da914522f692d1ec128459bc5b790aa6614f706fa1eaa10a5cdbc00d919 | Triage

Sharing

General

Target

552f4da914522f692d1ec128459bc5b790aa6614f706fa1eaa10a5cdbc00d919.exe
Size

76KB
Sample

241222-qvphpszral
MD5

1cb116e774a27cb62cb868a1a9d0539b
SHA1

a26c3440eb2f7ea83ab8bf5551c33ce3440097cf
SHA256

552f4da914522f692d1ec128459bc5b790aa6614f706fa1eaa10a5cdbc00d919
SHA512

38db25d06185eb26e62733d75e41ed52029648c93c2bcd59253d606dcb1df7f78e6883626797c5a149d7cac9421dfa343b5ba6e713b6311140fd7cdb9da7eeb9
SSDEEP

768:XMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAWZ:XbIvYvZEyFKF6N4yS+AQmZTl/5OZ

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  552f4da914522f692d1ec128459bc5b790aa6614f706fa1eaa10a5cdbc00d919.exe
- Size
  
  76KB
- MD5
  
  1cb116e774a27cb62cb868a1a9d0539b
- SHA1
  
  a26c3440eb2f7ea83ab8bf5551c33ce3440097cf
- SHA256
  
  552f4da914522f692d1ec128459bc5b790aa6614f706fa1eaa10a5cdbc00d919
- SHA512
  
  38db25d06185eb26e62733d75e41ed52029648c93c2bcd59253d606dcb1df7f78e6883626797c5a149d7cac9421dfa343b5ba6e713b6311140fd7cdb9da7eeb9
- SSDEEP
  
  768:XMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAWZ:XbIvYvZEyFKF6N4yS+AQmZTl/5OZ
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan