neconyd | 012e87fea0541eeaab6620cd992bf3be1a86639f383eaf2a2be5f51cc2840870 | Triage

Sharing

General

Target

012e87fea0541eeaab6620cd992bf3be1a86639f383eaf2a2be5f51cc2840870
Size

96KB
Sample

250111-xtck3sypcn
MD5

cc333373eb0d0b42df1beb07df2b8695
SHA1

26bd3c3703f6e804f52741ec931c231f18d9dab6
SHA256

012e87fea0541eeaab6620cd992bf3be1a86639f383eaf2a2be5f51cc2840870
SHA512

cf3fc2074274d6f170f68b2ae6c8a75e77a0d3453f155229e13629aa7a38a0e6f0066e83327d63a1ccb28acbdb7fe6d22e21fd3f510bdb083274ebf17f6afdd8
SSDEEP

1536:tnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:tGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  012e87fea0541eeaab6620cd992bf3be1a86639f383eaf2a2be5f51cc2840870
- Size
  
  96KB
- MD5
  
  cc333373eb0d0b42df1beb07df2b8695
- SHA1
  
  26bd3c3703f6e804f52741ec931c231f18d9dab6
- SHA256
  
  012e87fea0541eeaab6620cd992bf3be1a86639f383eaf2a2be5f51cc2840870
- SHA512
  
  cf3fc2074274d6f170f68b2ae6c8a75e77a0d3453f155229e13629aa7a38a0e6f0066e83327d63a1ccb28acbdb7fe6d22e21fd3f510bdb083274ebf17f6afdd8
- SSDEEP
  
  1536:tnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:tGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan