neconyd | 5dec60b483090bd6925b7810da127926db7f827d5b33e64c4acad05f9a18c8c5 | Triage

Sharing

General

Target

5dec60b483090bd6925b7810da127926db7f827d5b33e64c4acad05f9a18c8c5.exe
Size

65KB
Sample

250109-fz127asmeq
MD5

5082b2e5147f1b4d7e65056ee998085a
SHA1

1074978aadba45482646ddb15d015fd50ce8def8
SHA256

5dec60b483090bd6925b7810da127926db7f827d5b33e64c4acad05f9a18c8c5
SHA512

efa25bb2b9564fab813c388fe329af9346e2d2dfd5a4681324a2217b6c81c77aa523db59ac53791e242f0c3beb73202f15009db9cb7099e5689611c3c2080be2
SSDEEP

1536:Ud9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZ/Hzf:sdseIO+EZEyFjEOFqTiQmRHzf

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  5dec60b483090bd6925b7810da127926db7f827d5b33e64c4acad05f9a18c8c5.exe
- Size
  
  65KB
- MD5
  
  5082b2e5147f1b4d7e65056ee998085a
- SHA1
  
  1074978aadba45482646ddb15d015fd50ce8def8
- SHA256
  
  5dec60b483090bd6925b7810da127926db7f827d5b33e64c4acad05f9a18c8c5
- SHA512
  
  efa25bb2b9564fab813c388fe329af9346e2d2dfd5a4681324a2217b6c81c77aa523db59ac53791e242f0c3beb73202f15009db9cb7099e5689611c3c2080be2
- SSDEEP
  
  1536:Ud9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZ/Hzf:sdseIO+EZEyFjEOFqTiQmRHzf
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan