neconyd | c22b3166089a020c67c4b277127311ec85fc53feb5433e02f4f4b021cbd7c2ae | Triage

Sharing

General

Target

c22b3166089a020c67c4b277127311ec85fc53feb5433e02f4f4b021cbd7c2aeN.exe
Size

71KB
Sample

250116-1ykzsssjgl
MD5

9ee6e6a3aee111dea260c4500c4c34f0
SHA1

00d961b5e29126a2dc0f3c10f4ba3416ad1746c0
SHA256

c22b3166089a020c67c4b277127311ec85fc53feb5433e02f4f4b021cbd7c2ae
SHA512

ae100dd7fcb57213e95305884e8a687b6de5fd8cb16cd5ace748015c767f6027570dbd23a2486591af3b8ec91043b0c8fd9b1f48c4722f211f116403a9f229aa
SSDEEP

1536:xd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbHt:BdseIOMEZEyFjEOFqTiQmQDHIbHt

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c22b3166089a020c67c4b277127311ec85fc53feb5433e02f4f4b021cbd7c2aeN.exe
- Size
  
  71KB
- MD5
  
  9ee6e6a3aee111dea260c4500c4c34f0
- SHA1
  
  00d961b5e29126a2dc0f3c10f4ba3416ad1746c0
- SHA256
  
  c22b3166089a020c67c4b277127311ec85fc53feb5433e02f4f4b021cbd7c2ae
- SHA512
  
  ae100dd7fcb57213e95305884e8a687b6de5fd8cb16cd5ace748015c767f6027570dbd23a2486591af3b8ec91043b0c8fd9b1f48c4722f211f116403a9f229aa
- SSDEEP
  
  1536:xd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbHt:BdseIOMEZEyFjEOFqTiQmQDHIbHt
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan