neconyd | 4dbbc58ca87035dea64ae033f73c76735b0868a034ef53791754463a9055ddae | Triage

Sharing

General

Target

4dbbc58ca87035dea64ae033f73c76735b0868a034ef53791754463a9055ddae
Size

96KB
Sample

250108-3tbaxa1ncp
MD5

6d30139c97061226b75734e12f9c146f
SHA1

a432498b8f76246384be111074ef32d22e116f23
SHA256

4dbbc58ca87035dea64ae033f73c76735b0868a034ef53791754463a9055ddae
SHA512

feca400a35b991e71b65249c928f9aa9502459a55e1673d9ebc0af047b9a8b7a8909e391dbd2ede25652cd71f4caaed275f2461bc15e489993193a1ea703bbda
SSDEEP

1536:xnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:xGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  4dbbc58ca87035dea64ae033f73c76735b0868a034ef53791754463a9055ddae
- Size
  
  96KB
- MD5
  
  6d30139c97061226b75734e12f9c146f
- SHA1
  
  a432498b8f76246384be111074ef32d22e116f23
- SHA256
  
  4dbbc58ca87035dea64ae033f73c76735b0868a034ef53791754463a9055ddae
- SHA512
  
  feca400a35b991e71b65249c928f9aa9502459a55e1673d9ebc0af047b9a8b7a8909e391dbd2ede25652cd71f4caaed275f2461bc15e489993193a1ea703bbda
- SSDEEP
  
  1536:xnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:xGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan