neconyd | c51daafbafe4a8521bf2cb7fbf4550ff2c7ba0227b37ffca1741e8617c5da972 | Triage

Sharing

General

Target

c51daafbafe4a8521bf2cb7fbf4550ff2c7ba0227b37ffca1741e8617c5da972N.exe
Size

96KB
Sample

250116-d7m47azmcx
MD5

4d7565fd278b35592d7e4be90523b770
SHA1

fd9c3504f56ee5596f7249bed151ca87823f1b46
SHA256

c51daafbafe4a8521bf2cb7fbf4550ff2c7ba0227b37ffca1741e8617c5da972
SHA512

22f87d8fe9ed341165baf6a37f18163f9a9be06af7e491b269ef3ebe2a192c764ce5c992c4270e8b82878b68a062073f5c239836231adadb12c28db0218af15b
SSDEEP

1536:onAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxx:oGs8cd8eXlYairZYqMddH13x

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c51daafbafe4a8521bf2cb7fbf4550ff2c7ba0227b37ffca1741e8617c5da972N.exe
- Size
  
  96KB
- MD5
  
  4d7565fd278b35592d7e4be90523b770
- SHA1
  
  fd9c3504f56ee5596f7249bed151ca87823f1b46
- SHA256
  
  c51daafbafe4a8521bf2cb7fbf4550ff2c7ba0227b37ffca1741e8617c5da972
- SHA512
  
  22f87d8fe9ed341165baf6a37f18163f9a9be06af7e491b269ef3ebe2a192c764ce5c992c4270e8b82878b68a062073f5c239836231adadb12c28db0218af15b
- SSDEEP
  
  1536:onAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxx:oGs8cd8eXlYairZYqMddH13x
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan