neconyd | 1c5a050de55f070e3b44227453f97adefbbca515640759a51caefe86957a8264 | Triage

Sharing

General

Target

1c5a050de55f070e3b44227453f97adefbbca515640759a51caefe86957a8264.exe
Size

134KB
Sample

250107-env65atkgz
MD5

467d4466e9cfc80448b78650981e0262
SHA1

00589707e788664d4743ea981e65833495d016c1
SHA256

1c5a050de55f070e3b44227453f97adefbbca515640759a51caefe86957a8264
SHA512

f8cfe8a3a1416bc02e2e907f1c83e795b54c1bcb5a3f53d65ea1ac9c28772c1ec42d4a904b748eec9aaba299261cf0b7ae7943d18a7dcd19a2d0d00bbabc9835
SSDEEP

1536:nDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCiX:DiRTeH0iqAW6J6f1tqF6dngNmaZCiaI

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  1c5a050de55f070e3b44227453f97adefbbca515640759a51caefe86957a8264.exe
- Size
  
  134KB
- MD5
  
  467d4466e9cfc80448b78650981e0262
- SHA1
  
  00589707e788664d4743ea981e65833495d016c1
- SHA256
  
  1c5a050de55f070e3b44227453f97adefbbca515640759a51caefe86957a8264
- SHA512
  
  f8cfe8a3a1416bc02e2e907f1c83e795b54c1bcb5a3f53d65ea1ac9c28772c1ec42d4a904b748eec9aaba299261cf0b7ae7943d18a7dcd19a2d0d00bbabc9835
- SSDEEP
  
  1536:nDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCiX:DiRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan