neconyd | 0f568ed48edb15b1cd591aeca58a50c89a7019425e45469e37dd5f65c74f21fb | Triage

Sharing

General

Target

0f568ed48edb15b1cd591aeca58a50c89a7019425e45469e37dd5f65c74f21fb.exe
Size

96KB
Sample

241231-zhl2gsykcx
MD5

1d3f9f35f940830fcb77a46d7848114f
SHA1

5ceba8403897681c7be2b8969e610e5a17700771
SHA256

0f568ed48edb15b1cd591aeca58a50c89a7019425e45469e37dd5f65c74f21fb
SHA512

d4ec2cb23d8f34eda5076914efe135121294af45473c44c032a54936df95c89e635475eef72ae67d5d382567f97c6088fed6d9067a2238fcfaa0e3799c1d0ae6
SSDEEP

1536:nnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxu:nGs8cd8eXlYairZYqMddH13u

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  0f568ed48edb15b1cd591aeca58a50c89a7019425e45469e37dd5f65c74f21fb.exe
- Size
  
  96KB
- MD5
  
  1d3f9f35f940830fcb77a46d7848114f
- SHA1
  
  5ceba8403897681c7be2b8969e610e5a17700771
- SHA256
  
  0f568ed48edb15b1cd591aeca58a50c89a7019425e45469e37dd5f65c74f21fb
- SHA512
  
  d4ec2cb23d8f34eda5076914efe135121294af45473c44c032a54936df95c89e635475eef72ae67d5d382567f97c6088fed6d9067a2238fcfaa0e3799c1d0ae6
- SSDEEP
  
  1536:nnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxu:nGs8cd8eXlYairZYqMddH13u
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan