neconyd | 1fd45a443ae2a089e0c9c0a35127ed652cb4dc89c8f891e9f7eb36b59513a68f | Triage

Sharing

General

Target

1fd45a443ae2a089e0c9c0a35127ed652cb4dc89c8f891e9f7eb36b59513a68fN.exe
Size

64KB
Sample

241222-sn2wkasjev
MD5

1c00754a0728f9946163179cd190a080
SHA1

0504aceeeb0b1222f75812d2c249c760d88d9057
SHA256

1fd45a443ae2a089e0c9c0a35127ed652cb4dc89c8f891e9f7eb36b59513a68f
SHA512

ed35381ab962862d60a038c284311275e04ccb552212e35902d2f0e7384313077d072e986689003d37141891ebd3e7740c16119780ed8b36980228e919891894
SSDEEP

768:vMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uA:vbIvYvZEyFKF6N4yS+AQmZcl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  1fd45a443ae2a089e0c9c0a35127ed652cb4dc89c8f891e9f7eb36b59513a68fN.exe
- Size
  
  64KB
- MD5
  
  1c00754a0728f9946163179cd190a080
- SHA1
  
  0504aceeeb0b1222f75812d2c249c760d88d9057
- SHA256
  
  1fd45a443ae2a089e0c9c0a35127ed652cb4dc89c8f891e9f7eb36b59513a68f
- SHA512
  
  ed35381ab962862d60a038c284311275e04ccb552212e35902d2f0e7384313077d072e986689003d37141891ebd3e7740c16119780ed8b36980228e919891894
- SSDEEP
  
  768:vMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uA:vbIvYvZEyFKF6N4yS+AQmZcl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan