neconyd | 180576a3dcebf919f587c9e59b526a6a21f5c32ee7fb4bd428ee37d4c1e7e244 | Triage

Sharing

General

Target

180576a3dcebf919f587c9e59b526a6a21f5c32ee7fb4bd428ee37d4c1e7e244N.exe
Size

96KB
Sample

250109-cbjw8avrer
MD5

7aa641b1d69c7cc218cf6aec1254e860
SHA1

a67079b0fb7d7185dc0cdad3537d8aea27d58e2b
SHA256

180576a3dcebf919f587c9e59b526a6a21f5c32ee7fb4bd428ee37d4c1e7e244
SHA512

fb3711ccc5da435de67879277213b975c7dd1a693075fb4617487dac7acd85c91323b9cdef1535112f42af9f23381b15dcfb9b0f1e4e5eb56cefafe4d897638d
SSDEEP

1536:vnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxR:vGs8cd8eXlYairZYqMddH13R

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  180576a3dcebf919f587c9e59b526a6a21f5c32ee7fb4bd428ee37d4c1e7e244N.exe
- Size
  
  96KB
- MD5
  
  7aa641b1d69c7cc218cf6aec1254e860
- SHA1
  
  a67079b0fb7d7185dc0cdad3537d8aea27d58e2b
- SHA256
  
  180576a3dcebf919f587c9e59b526a6a21f5c32ee7fb4bd428ee37d4c1e7e244
- SHA512
  
  fb3711ccc5da435de67879277213b975c7dd1a693075fb4617487dac7acd85c91323b9cdef1535112f42af9f23381b15dcfb9b0f1e4e5eb56cefafe4d897638d
- SSDEEP
  
  1536:vnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxR:vGs8cd8eXlYairZYqMddH13R
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan