neconyd | 19109267c40fdffcb60d1b0351989d4db980dac738831fbcffd0a421ad72a096 | Triage

Sharing

General

Target

19109267c40fdffcb60d1b0351989d4db980dac738831fbcffd0a421ad72a096
Size

96KB
Sample

250110-zhr8hawpew
MD5

b6c11374a70c8c650f8555c2e6a77acc
SHA1

d3c3a0de61b638e44e9372315193b8f342af5914
SHA256

19109267c40fdffcb60d1b0351989d4db980dac738831fbcffd0a421ad72a096
SHA512

acbe633c216b2e7851af349492c8985c1467bbdfad64183cf62e0dc8f6ff785b221a06d1591b7fdd4d2fc757d2fe43cca61c9a95f9dbd81461ea6f1244b46d81
SSDEEP

1536:DnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:DGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  19109267c40fdffcb60d1b0351989d4db980dac738831fbcffd0a421ad72a096
- Size
  
  96KB
- MD5
  
  b6c11374a70c8c650f8555c2e6a77acc
- SHA1
  
  d3c3a0de61b638e44e9372315193b8f342af5914
- SHA256
  
  19109267c40fdffcb60d1b0351989d4db980dac738831fbcffd0a421ad72a096
- SHA512
  
  acbe633c216b2e7851af349492c8985c1467bbdfad64183cf62e0dc8f6ff785b221a06d1591b7fdd4d2fc757d2fe43cca61c9a95f9dbd81461ea6f1244b46d81
- SSDEEP
  
  1536:DnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:DGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan