neconyd | 7221f5495948d5f28e42a280b0a92a6c8f407052615be38f88019a78ddf4799a | Triage

Sharing

General

Target

7221f5495948d5f28e42a280b0a92a6c8f407052615be38f88019a78ddf4799aN.exe
Size

76KB
Sample

250111-w8rg4swket
MD5

69283bb5bc570089d169328e822ac0e0
SHA1

f124019a4ccd967b4a91dafce59097ef6d845850
SHA256

7221f5495948d5f28e42a280b0a92a6c8f407052615be38f88019a78ddf4799a
SHA512

14306466426455e85d9805d509a89c5809c836a87607742b0bea83873831736544ded10e2779f808185cf8d976be2f999093fc5643e0616858b1c64c0447333b
SSDEEP

1536:Xd9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11H:fdseIOMEZEyFjEOFqaiQm5l/5w11H

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7221f5495948d5f28e42a280b0a92a6c8f407052615be38f88019a78ddf4799aN.exe
- Size
  
  76KB
- MD5
  
  69283bb5bc570089d169328e822ac0e0
- SHA1
  
  f124019a4ccd967b4a91dafce59097ef6d845850
- SHA256
  
  7221f5495948d5f28e42a280b0a92a6c8f407052615be38f88019a78ddf4799a
- SHA512
  
  14306466426455e85d9805d509a89c5809c836a87607742b0bea83873831736544ded10e2779f808185cf8d976be2f999093fc5643e0616858b1c64c0447333b
- SSDEEP
  
  1536:Xd9dseIOcE93bIvYvZEyF4EEOF6N4XS+AQmZTl/5w11H:fdseIOMEZEyFjEOFqaiQm5l/5w11H
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan