neconyd | 93599d935cd4e21bf1f113773ea735d90319140f27fdab3a2f8b7aa4774e8d21 | Triage

Sharing

General

Target

93599d935cd4e21bf1f113773ea735d90319140f27fdab3a2f8b7aa4774e8d21
Size

134KB
Sample

250110-e9s9navlfr
MD5

dc35c9d2c141e65a01fed54e5f4b06fb
SHA1

87b929eb932881f275296c2c8c4bf456613a85bf
SHA256

93599d935cd4e21bf1f113773ea735d90319140f27fdab3a2f8b7aa4774e8d21
SHA512

878ce2e60ea0516fa51109eaf17b561499eb77c8e927c7ea5912a85f6e552aa3c0d75addaf27af5b20c89b7d812b4588076199a409b14c977c96724d71e9c997
SSDEEP

1536:XDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCid:ziRTeH0iqAW6J6f1tqF6dngNmaZCiaI

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  93599d935cd4e21bf1f113773ea735d90319140f27fdab3a2f8b7aa4774e8d21
- Size
  
  134KB
- MD5
  
  dc35c9d2c141e65a01fed54e5f4b06fb
- SHA1
  
  87b929eb932881f275296c2c8c4bf456613a85bf
- SHA256
  
  93599d935cd4e21bf1f113773ea735d90319140f27fdab3a2f8b7aa4774e8d21
- SHA512
  
  878ce2e60ea0516fa51109eaf17b561499eb77c8e927c7ea5912a85f6e552aa3c0d75addaf27af5b20c89b7d812b4588076199a409b14c977c96724d71e9c997
- SSDEEP
  
  1536:XDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCid:ziRTeH0iqAW6J6f1tqF6dngNmaZCiaI
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan