neconyd | 15cd84b0943b6f775bc10029d846363ecf985a2a3fe7a3fd14f31e154eeee344 | Triage

Sharing

General

Target

15cd84b0943b6f775bc10029d846363ecf985a2a3fe7a3fd14f31e154eeee344
Size

61KB
Sample

241229-yrz42awpav
MD5

b43ae4bd2587aae0bb7cda53225bfb7e
SHA1

a7915c8f95202c58172bc6ffa283505e7874fb3a
SHA256

15cd84b0943b6f775bc10029d846363ecf985a2a3fe7a3fd14f31e154eeee344
SHA512

21c0cb46e37862689cf1fb6f75692e3ff094298c5e263db46b2f0df6cca1e943ef1e170dfd2f330080db80aa40ce6b64d80b36073557538274fbba116e743b84
SSDEEP

1536:Ld9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZll/5:7dseIOMEZEyFjEOFqTiQmPl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  15cd84b0943b6f775bc10029d846363ecf985a2a3fe7a3fd14f31e154eeee344
- Size
  
  61KB
- MD5
  
  b43ae4bd2587aae0bb7cda53225bfb7e
- SHA1
  
  a7915c8f95202c58172bc6ffa283505e7874fb3a
- SHA256
  
  15cd84b0943b6f775bc10029d846363ecf985a2a3fe7a3fd14f31e154eeee344
- SHA512
  
  21c0cb46e37862689cf1fb6f75692e3ff094298c5e263db46b2f0df6cca1e943ef1e170dfd2f330080db80aa40ce6b64d80b36073557538274fbba116e743b84
- SSDEEP
  
  1536:Ld9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZll/5:7dseIOMEZEyFjEOFqTiQmPl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan