neconyd | 5d8f6b81dfd784dcf6cf046790c49f5450fd94179a47b79bca98f70b991a0278 | Triage

Sharing

General

Target

JaffaCakes118_d1c0397f95c70d883635c76d911a9d34
Size

68KB
Sample

250109-zc2vrasmgl
MD5

d1c0397f95c70d883635c76d911a9d34
SHA1

a38db2e6e202fcc2e518ab10bc469bee5c188257
SHA256

5d8f6b81dfd784dcf6cf046790c49f5450fd94179a47b79bca98f70b991a0278
SHA512

9c2d990971ae034c69283a76933b35e4f93e32df5e5d885af8dd1e534974005c65af85482799bb6aa65e1afc0e03abec02c1c1273805e17f66cd8ea7a1fe0d71
SSDEEP

768:5MEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:5bIvYvZEyFKF6N4yS+AQmZTl/5

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  JaffaCakes118_d1c0397f95c70d883635c76d911a9d34
- Size
  
  68KB
- MD5
  
  d1c0397f95c70d883635c76d911a9d34
- SHA1
  
  a38db2e6e202fcc2e518ab10bc469bee5c188257
- SHA256
  
  5d8f6b81dfd784dcf6cf046790c49f5450fd94179a47b79bca98f70b991a0278
- SHA512
  
  9c2d990971ae034c69283a76933b35e4f93e32df5e5d885af8dd1e534974005c65af85482799bb6aa65e1afc0e03abec02c1c1273805e17f66cd8ea7a1fe0d71
- SSDEEP
  
  768:5MEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA:5bIvYvZEyFKF6N4yS+AQmZTl/5
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan