neconyd | bfc407eea9c173b06eb05a1ac70f561efcc924eff26d4564d48cce337334cf88 | Triage

Sharing

General

Target

bfc407eea9c173b06eb05a1ac70f561efcc924eff26d4564d48cce337334cf88.exe
Size

96KB
Sample

250108-fm3egsxndq
MD5

78218d41fd66e7e6cadd47af577f71e1
SHA1

aa8a7ded8287b189a1a6cf82fbce6f71b6bcd688
SHA256

bfc407eea9c173b06eb05a1ac70f561efcc924eff26d4564d48cce337334cf88
SHA512

7ec64b25ef5db3a3070b663c4f46b87daa54a54624ceeda1644e09e8ba6cec2c45c7d7d02920d522ff8c1dadcc11e127f7eb4aecc9c03c1e1e182dd3e02539a3
SSDEEP

1536:znAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxr:zGs8cd8eXlYairZYqMddH13r

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  bfc407eea9c173b06eb05a1ac70f561efcc924eff26d4564d48cce337334cf88.exe
- Size
  
  96KB
- MD5
  
  78218d41fd66e7e6cadd47af577f71e1
- SHA1
  
  aa8a7ded8287b189a1a6cf82fbce6f71b6bcd688
- SHA256
  
  bfc407eea9c173b06eb05a1ac70f561efcc924eff26d4564d48cce337334cf88
- SHA512
  
  7ec64b25ef5db3a3070b663c4f46b87daa54a54624ceeda1644e09e8ba6cec2c45c7d7d02920d522ff8c1dadcc11e127f7eb4aecc9c03c1e1e182dd3e02539a3
- SSDEEP
  
  1536:znAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxr:zGs8cd8eXlYairZYqMddH13r
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan