neconyd | 5074cf9bbea6edb5e02d13f59505235b32b938d857c83fef8ced628e3a248bca | Triage

Sharing

General

Target

5074cf9bbea6edb5e02d13f59505235b32b938d857c83fef8ced628e3a248bca
Size

80KB
Sample

250116-asq1rasjcs
MD5

1be45c634fbcc66ae879f6df6189eaf1
SHA1

81f88506aebebb2758352317c4b0c66f836051cd
SHA256

5074cf9bbea6edb5e02d13f59505235b32b938d857c83fef8ced628e3a248bca
SHA512

d8e78a3cc4b01e8cc95034edfe93680d8a6a3b10356627374e1ad8631e09a28c7587ece71a9917e90ddb1a054d4daac2d670e1c08b1e67eb80000fb5e344a36a
SSDEEP

1536:Bd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzB:xdseIOMEZEyFjEOFqTiQmOl/5xPvwN

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  5074cf9bbea6edb5e02d13f59505235b32b938d857c83fef8ced628e3a248bca
- Size
  
  80KB
- MD5
  
  1be45c634fbcc66ae879f6df6189eaf1
- SHA1
  
  81f88506aebebb2758352317c4b0c66f836051cd
- SHA256
  
  5074cf9bbea6edb5e02d13f59505235b32b938d857c83fef8ced628e3a248bca
- SHA512
  
  d8e78a3cc4b01e8cc95034edfe93680d8a6a3b10356627374e1ad8631e09a28c7587ece71a9917e90ddb1a054d4daac2d670e1c08b1e67eb80000fb5e344a36a
- SSDEEP
  
  1536:Bd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzB:xdseIOMEZEyFjEOFqTiQmOl/5xPvwN
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan