neconyd | 3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3 | Triage

Sharing

General

Target

3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3.exe
Size

33KB
Sample

250112-m67a4sslbn
MD5

e5b42dd7efabacf213b0424c30e7ae8e
SHA1

f77548bd265bf7e742a37ddfa47b154a845a3567
SHA256

3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3
SHA512

ee79cf176c41424e0487571eb9d59c57a8e2544f1b9acbb6e15feccaf0eac441d6ff3a8825d5ad2d57e2b106ab65e78007fc65d9cb95136b1c6904da9822adb2
SSDEEP

768:0fVhP/4kt3+9IV6Y90ksQ1oWHT0hh0vy9S5fsYGbTmoN/yE56hlSQ7DF:0fVRztyHo8QNHTk0qE5fslvN/956qo

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3.exe
- Size
  
  33KB
- MD5
  
  e5b42dd7efabacf213b0424c30e7ae8e
- SHA1
  
  f77548bd265bf7e742a37ddfa47b154a845a3567
- SHA256
  
  3b70d7a6eca937fbf9c3253e2e55733008ae25f19e054afcc7e5bdf2a170b7b3
- SHA512
  
  ee79cf176c41424e0487571eb9d59c57a8e2544f1b9acbb6e15feccaf0eac441d6ff3a8825d5ad2d57e2b106ab65e78007fc65d9cb95136b1c6904da9822adb2
- SSDEEP
  
  768:0fVhP/4kt3+9IV6Y90ksQ1oWHT0hh0vy9S5fsYGbTmoN/yE56hlSQ7DF:0fVRztyHo8QNHTk0qE5fslvN/956qo
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan