neconyd | dc42a74163cf464f200edf88465381a04341c293548c3621c9c88c911ea90bb1 | Triage

Sharing

General

Target

dc42a74163cf464f200edf88465381a04341c293548c3621c9c88c911ea90bb1.exe
Size

128KB
Sample

250106-1y7tka1rhn
MD5

73cab011babde57bf8e5e70ac85d2d3d
SHA1

40a2bb1bb24cbc90541cccd9274085e63cc723c7
SHA256

dc42a74163cf464f200edf88465381a04341c293548c3621c9c88c911ea90bb1
SHA512

1d218d1f7a7aa9c2ed37bb249cae28a1077d2a86ea58595213d2c9e53b5cee641c24ca3175a3b6ab987eb75ea6605c4633529eb0388e287febcbfc77e3bda298
SSDEEP

1536:8DfDbhERTatPLTLLbC+8BMNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabaa:iiRTe3n8BMAW6J6f1tqF6dngNmaZr3

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  dc42a74163cf464f200edf88465381a04341c293548c3621c9c88c911ea90bb1.exe
- Size
  
  128KB
- MD5
  
  73cab011babde57bf8e5e70ac85d2d3d
- SHA1
  
  40a2bb1bb24cbc90541cccd9274085e63cc723c7
- SHA256
  
  dc42a74163cf464f200edf88465381a04341c293548c3621c9c88c911ea90bb1
- SHA512
  
  1d218d1f7a7aa9c2ed37bb249cae28a1077d2a86ea58595213d2c9e53b5cee641c24ca3175a3b6ab987eb75ea6605c4633529eb0388e287febcbfc77e3bda298
- SSDEEP
  
  1536:8DfDbhERTatPLTLLbC+8BMNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabaa:iiRTe3n8BMAW6J6f1tqF6dngNmaZr3
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan