neconyd | c966db3d63243bc569d4885d5e287cdd70b5424e56170809f1f1f1812d214f76 | Triage

Sharing

General

Target

c966db3d63243bc569d4885d5e287cdd70b5424e56170809f1f1f1812d214f76.exe
Size

64KB
Sample

250116-p8qr9aslgj
MD5

aab4f2433346d23f9d0d8a935ca9f441
SHA1

e64bb91c75ad5a2ecd5c1e24466f22f1fce5f7b4
SHA256

c966db3d63243bc569d4885d5e287cdd70b5424e56170809f1f1f1812d214f76
SHA512

bac30460964dc6928d2fdb85cb53b5e6a755f580f077c85780bddf27e2404ed42ad96d660ac5b646266a97d95a3e8413f79f677dd2b0d0790a3d7891b94f6585
SSDEEP

768:sMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAt:sbIvYvZEyFKF6N4yS+AQmZcl/5V

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c966db3d63243bc569d4885d5e287cdd70b5424e56170809f1f1f1812d214f76.exe
- Size
  
  64KB
- MD5
  
  aab4f2433346d23f9d0d8a935ca9f441
- SHA1
  
  e64bb91c75ad5a2ecd5c1e24466f22f1fce5f7b4
- SHA256
  
  c966db3d63243bc569d4885d5e287cdd70b5424e56170809f1f1f1812d214f76
- SHA512
  
  bac30460964dc6928d2fdb85cb53b5e6a755f580f077c85780bddf27e2404ed42ad96d660ac5b646266a97d95a3e8413f79f677dd2b0d0790a3d7891b94f6585
- SSDEEP
  
  768:sMEIvFGvZEr8LFK0ic46N47eSdYAHwmZwSp6JXXlaa5uAt:sbIvYvZEyFKF6N4yS+AQmZcl/5V
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan