neconyd | 7889604f8ce1bd4cc6fb7e9cb8e645bbc5b36c6fb30d5250fba04cc5e1ace1c9 | Triage

Sharing

General

Target

7889604f8ce1bd4cc6fb7e9cb8e645bbc5b36c6fb30d5250fba04cc5e1ace1c9.exe
Size

88KB
Sample

250116-bmqngatnav
MD5

b80b91e774206ac0a892f1a142188ed1
SHA1

b2116de24cde14d95765d44fc06474f2211b9cee
SHA256

7889604f8ce1bd4cc6fb7e9cb8e645bbc5b36c6fb30d5250fba04cc5e1ace1c9
SHA512

f5907b69eaa2315357a98d3c25764611ec2729677bc6df06ec3a6912965c7a333521845033d493a0756f4eab96cc571dfbc0992a333b9fa30ca14b2dff616d13
SSDEEP

1536:1d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5D:9dseIOMEZEyFjEOFqTiQm5l/5D

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7889604f8ce1bd4cc6fb7e9cb8e645bbc5b36c6fb30d5250fba04cc5e1ace1c9.exe
- Size
  
  88KB
- MD5
  
  b80b91e774206ac0a892f1a142188ed1
- SHA1
  
  b2116de24cde14d95765d44fc06474f2211b9cee
- SHA256
  
  7889604f8ce1bd4cc6fb7e9cb8e645bbc5b36c6fb30d5250fba04cc5e1ace1c9
- SHA512
  
  f5907b69eaa2315357a98d3c25764611ec2729677bc6df06ec3a6912965c7a333521845033d493a0756f4eab96cc571dfbc0992a333b9fa30ca14b2dff616d13
- SSDEEP
  
  1536:1d9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5D:9dseIOMEZEyFjEOFqTiQm5l/5D
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan