neconyd | f55e5150c0b9c8fc09bc79ed8dd53fe094fef3550289b9326c8e1dd8619d6f94 | Triage

Sharing

General

Target

JaffaCakes118_14e8b4d4b8f22343b05b0f84a9c42289
Size

64KB
Sample

241231-mj478symbq
MD5

14e8b4d4b8f22343b05b0f84a9c42289
SHA1

910fc3e313b8f1390a34af7db5e305ae9d880d13
SHA256

f55e5150c0b9c8fc09bc79ed8dd53fe094fef3550289b9326c8e1dd8619d6f94
SHA512

f2869e8d1cf140b1506ff5d2cc9cb2715148a87cf895fd0d5b1df355834fea8df0554a90fc2f82cd57f7cc40d5131dd16418733af9aafa611eda44a502799e1b
SSDEEP

1536:bd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5:rdseIOMEZEyFjEOFqTiQm5l/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  JaffaCakes118_14e8b4d4b8f22343b05b0f84a9c42289
- Size
  
  64KB
- MD5
  
  14e8b4d4b8f22343b05b0f84a9c42289
- SHA1
  
  910fc3e313b8f1390a34af7db5e305ae9d880d13
- SHA256
  
  f55e5150c0b9c8fc09bc79ed8dd53fe094fef3550289b9326c8e1dd8619d6f94
- SHA512
  
  f2869e8d1cf140b1506ff5d2cc9cb2715148a87cf895fd0d5b1df355834fea8df0554a90fc2f82cd57f7cc40d5131dd16418733af9aafa611eda44a502799e1b
- SSDEEP
  
  1536:bd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5:rdseIOMEZEyFjEOFqTiQm5l/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan