neconyd | ca86903136a0b7c013c9bdba9898a27c09e2298cda7e807af3643747370a0f11 | Triage

Sharing

General

Target

ca86903136a0b7c013c9bdba9898a27c09e2298cda7e807af3643747370a0f11N.exe
Size

134KB
Sample

250103-xle18sxrft
MD5

1f5b93590a82461a3c309756069c7740
SHA1

a4ac2ada6df4bed79688705f0eb452a4bef57fcd
SHA256

ca86903136a0b7c013c9bdba9898a27c09e2298cda7e807af3643747370a0f11
SHA512

99c766ad16e19b9ce1757721dc99b089ee74a7e8b5bd752eaa48ab09213611ff983931a22575962474f64447ed4e7c2065cf63f95fa5745ab496037c66e8c2fa
SSDEEP

1536:BDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCi9:hiRTeH0iqAW6J6f1tqF6dngNmaZCiaI

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  ca86903136a0b7c013c9bdba9898a27c09e2298cda7e807af3643747370a0f11N.exe
- Size
  
  134KB
- MD5
  
  1f5b93590a82461a3c309756069c7740
- SHA1
  
  a4ac2ada6df4bed79688705f0eb452a4bef57fcd
- SHA256
  
  ca86903136a0b7c013c9bdba9898a27c09e2298cda7e807af3643747370a0f11
- SHA512
  
  99c766ad16e19b9ce1757721dc99b089ee74a7e8b5bd752eaa48ab09213611ff983931a22575962474f64447ed4e7c2065cf63f95fa5745ab496037c66e8c2fa
- SSDEEP
  
  1536:BDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCi9:hiRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan