neconyd | 5535f23a5f387d1b3656bc3d3a2a7a2112136d8e0cbe01688494aee35280c9aa | Triage

Sharing

General

Target

5535f23a5f387d1b3656bc3d3a2a7a2112136d8e0cbe01688494aee35280c9aa
Size

64KB
Sample

241227-1xcl2a1lfj
MD5

9c29b196f9691c29658a4d1b3cac6308
SHA1

8b07aefb5869ab43b3c9c39476a5c8e24bf847be
SHA256

5535f23a5f387d1b3656bc3d3a2a7a2112136d8e0cbe01688494aee35280c9aa
SHA512

1b39ee5ee93ccfb039c762fb2e2b5f5bece3107f6ebef01b8718094b2186bbd2b8ff67eff80dc4107723706038b61f01a9e89b146527c63743ccae65a5feb238
SSDEEP

768:JMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAN:JbIvYvZEyFKF6N4yS+AQmZcl/51

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  5535f23a5f387d1b3656bc3d3a2a7a2112136d8e0cbe01688494aee35280c9aa
- Size
  
  64KB
- MD5
  
  9c29b196f9691c29658a4d1b3cac6308
- SHA1
  
  8b07aefb5869ab43b3c9c39476a5c8e24bf847be
- SHA256
  
  5535f23a5f387d1b3656bc3d3a2a7a2112136d8e0cbe01688494aee35280c9aa
- SHA512
  
  1b39ee5ee93ccfb039c762fb2e2b5f5bece3107f6ebef01b8718094b2186bbd2b8ff67eff80dc4107723706038b61f01a9e89b146527c63743ccae65a5feb238
- SSDEEP
  
  768:JMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAN:JbIvYvZEyFKF6N4yS+AQmZcl/51
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan