neconyd | 981937fdf4cd5ea4481013ddf1d3247faca74b0449477c1286a7aff2916125d9 | Triage

Sharing

General

Target

981937fdf4cd5ea4481013ddf1d3247faca74b0449477c1286a7aff2916125d9.exe
Size

61KB
Sample

250112-1zz54stqbk
MD5

1d429541a12776cd14dff027a4dbd4ff
SHA1

ccfc261cb2cd7e534957f8f90c1d6869a4ac3cd5
SHA256

981937fdf4cd5ea4481013ddf1d3247faca74b0449477c1286a7aff2916125d9
SHA512

05c1ebaa68292a96ac52e4ede6524b1c3907d72e81c479bf842b0222bb30a5413ec3aef53eacbc3b389a24c57041d715876e326626c117dea59340dd069a7f37
SSDEEP

1536:ed9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZll/5/:GdseIOMEZEyFjEOFqTiQmPl/5/

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  981937fdf4cd5ea4481013ddf1d3247faca74b0449477c1286a7aff2916125d9.exe
- Size
  
  61KB
- MD5
  
  1d429541a12776cd14dff027a4dbd4ff
- SHA1
  
  ccfc261cb2cd7e534957f8f90c1d6869a4ac3cd5
- SHA256
  
  981937fdf4cd5ea4481013ddf1d3247faca74b0449477c1286a7aff2916125d9
- SHA512
  
  05c1ebaa68292a96ac52e4ede6524b1c3907d72e81c479bf842b0222bb30a5413ec3aef53eacbc3b389a24c57041d715876e326626c117dea59340dd069a7f37
- SSDEEP
  
  1536:ed9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZll/5/:GdseIOMEZEyFjEOFqTiQmPl/5/
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan