neconyd | 8e2afcbd027d859d3e26e92333df55813879ea4472d300969e254a74e005f229 | Triage

Sharing

General

Target

8e2afcbd027d859d3e26e92333df55813879ea4472d300969e254a74e005f229.exe
Size

80KB
Sample

250116-gwalhaxjhq
MD5

b4737e28abf9d45552e4aaef61991cec
SHA1

4bede00959e717060da43a28715e319d1497649b
SHA256

8e2afcbd027d859d3e26e92333df55813879ea4472d300969e254a74e005f229
SHA512

7ad8a2aee743e9fc19c5250e0edfd016a53d4be45a26a2377c114b447d8887e5c05ed3e3d36bb8befa1b587f4b6ff4ec78bac6e2fe8f20e5f0649ba3f21f3ccb
SSDEEP

1536:Ad9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzr:gdseIOMEZEyFjEOFqTiQmOl/5xPvwv

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  8e2afcbd027d859d3e26e92333df55813879ea4472d300969e254a74e005f229.exe
- Size
  
  80KB
- MD5
  
  b4737e28abf9d45552e4aaef61991cec
- SHA1
  
  4bede00959e717060da43a28715e319d1497649b
- SHA256
  
  8e2afcbd027d859d3e26e92333df55813879ea4472d300969e254a74e005f229
- SHA512
  
  7ad8a2aee743e9fc19c5250e0edfd016a53d4be45a26a2377c114b447d8887e5c05ed3e3d36bb8befa1b587f4b6ff4ec78bac6e2fe8f20e5f0649ba3f21f3ccb
- SSDEEP
  
  1536:Ad9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzr:gdseIOMEZEyFjEOFqTiQmOl/5xPvwv
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan