neconyd | 3f4dbe21b5ff09d0a6659fa8930f7e492d20855b69b5e5fed6de4ef3133ad3c9 | Triage

Sharing

General

Target

3f4dbe21b5ff09d0a6659fa8930f7e492d20855b69b5e5fed6de4ef3133ad3c9N
Size

80KB
Sample

250113-c52dcs1rhs
MD5

8c4c386190b625b32bd6f10b89289250
SHA1

b2ccd6e71e1b241fb65991f03b98b5ce012eea29
SHA256

3f4dbe21b5ff09d0a6659fa8930f7e492d20855b69b5e5fed6de4ef3133ad3c9
SHA512

d7d6b4157ab90eb6883b336c6d8c7e07f93f571ff0f4212e7ed0abc6b5ae17259fd2dec366e764a7f65026f506219e78ed05cb8cdeac36584dc3597b531a8039
SSDEEP

1536:9d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzJ:1dseIOMEZEyFjEOFqTiQmOl/5xPvwV

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  3f4dbe21b5ff09d0a6659fa8930f7e492d20855b69b5e5fed6de4ef3133ad3c9N
- Size
  
  80KB
- MD5
  
  8c4c386190b625b32bd6f10b89289250
- SHA1
  
  b2ccd6e71e1b241fb65991f03b98b5ce012eea29
- SHA256
  
  3f4dbe21b5ff09d0a6659fa8930f7e492d20855b69b5e5fed6de4ef3133ad3c9
- SHA512
  
  d7d6b4157ab90eb6883b336c6d8c7e07f93f571ff0f4212e7ed0abc6b5ae17259fd2dec366e764a7f65026f506219e78ed05cb8cdeac36584dc3597b531a8039
- SSDEEP
  
  1536:9d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzJ:1dseIOMEZEyFjEOFqTiQmOl/5xPvwV
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan