neconyd | ba19289241b57a93d7e26d5b275892f3b11fccdfa6fc3e4e0002c8a67854fa52 | Triage

Sharing

General

Target

ba19289241b57a93d7e26d5b275892f3b11fccdfa6fc3e4e0002c8a67854fa52N.exe
Size

70KB
Sample

250104-bzkyrawpek
MD5

f188a8c2e84ed1be1d02a7b2a248eb40
SHA1

eef8a31ae6d45f8992fbb40fee3fd331d5fa462a
SHA256

ba19289241b57a93d7e26d5b275892f3b11fccdfa6fc3e4e0002c8a67854fa52
SHA512

bc3da1760d0f4970315e48b034fc028d7542b7f6f9cad1ca4e39264a61622f350e2ab9c323c8d7d160934e0f99152ec781616c40c3fc99221edf4676ea3958f6
SSDEEP

1536:cd9dseIOcE93bIvYvZEyF4EEOF+N4yS+AQmZsDHNzfE:kdseIOMEZEyFjEOFuTiQm+DHNzfE

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  ba19289241b57a93d7e26d5b275892f3b11fccdfa6fc3e4e0002c8a67854fa52N.exe
- Size
  
  70KB
- MD5
  
  f188a8c2e84ed1be1d02a7b2a248eb40
- SHA1
  
  eef8a31ae6d45f8992fbb40fee3fd331d5fa462a
- SHA256
  
  ba19289241b57a93d7e26d5b275892f3b11fccdfa6fc3e4e0002c8a67854fa52
- SHA512
  
  bc3da1760d0f4970315e48b034fc028d7542b7f6f9cad1ca4e39264a61622f350e2ab9c323c8d7d160934e0f99152ec781616c40c3fc99221edf4676ea3958f6
- SSDEEP
  
  1536:cd9dseIOcE93bIvYvZEyF4EEOF+N4yS+AQmZsDHNzfE:kdseIOMEZEyFjEOFuTiQm+DHNzfE
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan