neconyd | ab6aa14e5b2c300254ab78cb709ad3f1a4eede68f99d5273a25873cb0beda965 | Triage

Sharing

General

Target

ab6aa14e5b2c300254ab78cb709ad3f1a4eede68f99d5273a25873cb0beda965.exe
Size

96KB
Sample

241222-tsx9lstmap
MD5

bcadd7ede953fb864ee8f439ee7c351c
SHA1

11c74f41f410b1ef09c5415932e1987745e2c1ff
SHA256

ab6aa14e5b2c300254ab78cb709ad3f1a4eede68f99d5273a25873cb0beda965
SHA512

6ffc1b7b2255a794109bbe066b454fe78db966230ac045512b234d349d912492125b193575941175c155e13d61319f560c119528661fa1580c090baa241de99f
SSDEEP

1536:UnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:UGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  ab6aa14e5b2c300254ab78cb709ad3f1a4eede68f99d5273a25873cb0beda965.exe
- Size
  
  96KB
- MD5
  
  bcadd7ede953fb864ee8f439ee7c351c
- SHA1
  
  11c74f41f410b1ef09c5415932e1987745e2c1ff
- SHA256
  
  ab6aa14e5b2c300254ab78cb709ad3f1a4eede68f99d5273a25873cb0beda965
- SHA512
  
  6ffc1b7b2255a794109bbe066b454fe78db966230ac045512b234d349d912492125b193575941175c155e13d61319f560c119528661fa1580c090baa241de99f
- SSDEEP
  
  1536:UnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:UGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan