neconyd | c2f0536c57b40ed0b4d76fd50dd0295d542d90a4b9421eda6a70816fecc4dc16 | Triage

Sharing

General

Target

c2f0536c57b40ed0b4d76fd50dd0295d542d90a4b9421eda6a70816fecc4dc16.exe
Size

96KB
Sample

241231-qt6qlasmgz
MD5

e3e2a0768e41f6c02ff6bad57caec4f2
SHA1

dc5c7d021301f8eb3b80a9ac0359db3376c5881c
SHA256

c2f0536c57b40ed0b4d76fd50dd0295d542d90a4b9421eda6a70816fecc4dc16
SHA512

1d93d89c672b16844a29ae876414cf13b537370fa93009dcde6f614ca317a023ce6cfb16b0624c3b6f935ef6491f034c62aa388e50ce680594bf1d094a074cd3
SSDEEP

1536:6nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxp:6Gs8cd8eXlYairZYqMddH13p

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c2f0536c57b40ed0b4d76fd50dd0295d542d90a4b9421eda6a70816fecc4dc16.exe
- Size
  
  96KB
- MD5
  
  e3e2a0768e41f6c02ff6bad57caec4f2
- SHA1
  
  dc5c7d021301f8eb3b80a9ac0359db3376c5881c
- SHA256
  
  c2f0536c57b40ed0b4d76fd50dd0295d542d90a4b9421eda6a70816fecc4dc16
- SHA512
  
  1d93d89c672b16844a29ae876414cf13b537370fa93009dcde6f614ca317a023ce6cfb16b0624c3b6f935ef6491f034c62aa388e50ce680594bf1d094a074cd3
- SSDEEP
  
  1536:6nAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxp:6Gs8cd8eXlYairZYqMddH13p
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan