neconyd | c1a82d38f06663a6fab134b570d484c13dac7cb3a8223ad6aa56d9db818bab68 | Triage

Sharing

General

Target

c1a82d38f06663a6fab134b570d484c13dac7cb3a8223ad6aa56d9db818bab68N.exe
Size

72KB
Sample

250112-wdbheaskf1
MD5

81dffcc978e4fb925e61accb421f7ae0
SHA1

b9614d881fbf42c234272ba91063340f394ab7fc
SHA256

c1a82d38f06663a6fab134b570d484c13dac7cb3a8223ad6aa56d9db818bab68
SHA512

2a81dc6a9dee27965042a800df6ee6a316398a39d06c552368a3e9b3cafb93fc9aebe4c48fe721578e4db5fcf94d63a25b312fe8a9778155e7dfbfa2a5f0f038
SSDEEP

1536:Sd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5211P:idseIOMEZEyFjEOFqTiQm5l/5211P

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c1a82d38f06663a6fab134b570d484c13dac7cb3a8223ad6aa56d9db818bab68N.exe
- Size
  
  72KB
- MD5
  
  81dffcc978e4fb925e61accb421f7ae0
- SHA1
  
  b9614d881fbf42c234272ba91063340f394ab7fc
- SHA256
  
  c1a82d38f06663a6fab134b570d484c13dac7cb3a8223ad6aa56d9db818bab68
- SHA512
  
  2a81dc6a9dee27965042a800df6ee6a316398a39d06c552368a3e9b3cafb93fc9aebe4c48fe721578e4db5fcf94d63a25b312fe8a9778155e7dfbfa2a5f0f038
- SSDEEP
  
  1536:Sd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5211P:idseIOMEZEyFjEOFqTiQm5l/5211P
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan