neconyd | 97000034378f4baf65a859cfec6c44fd118a4ea183918069bba15a9f1218bf71 | Triage

Sharing

General

Target

97000034378f4baf65a859cfec6c44fd118a4ea183918069bba15a9f1218bf71N.exe
Size

96KB
Sample

250103-xsj9ja1ndq
MD5

ad84983cf108388009030120e07e2000
SHA1

d058d298c2ee9cbe89480bc29e4da3db3db5505b
SHA256

97000034378f4baf65a859cfec6c44fd118a4ea183918069bba15a9f1218bf71
SHA512

7f149dff2bb6a7168f47113bb55a360a66d8373766962def2a6fd7021c7044307303afdaab96d479bb068497bccb486a9b6fbaf95d59b07aa20fc1d13a9f47b4
SSDEEP

1536:EnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:EGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  97000034378f4baf65a859cfec6c44fd118a4ea183918069bba15a9f1218bf71N.exe
- Size
  
  96KB
- MD5
  
  ad84983cf108388009030120e07e2000
- SHA1
  
  d058d298c2ee9cbe89480bc29e4da3db3db5505b
- SHA256
  
  97000034378f4baf65a859cfec6c44fd118a4ea183918069bba15a9f1218bf71
- SHA512
  
  7f149dff2bb6a7168f47113bb55a360a66d8373766962def2a6fd7021c7044307303afdaab96d479bb068497bccb486a9b6fbaf95d59b07aa20fc1d13a9f47b4
- SSDEEP
  
  1536:EnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:EGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan