neconyd | 5cf907c0ffa72b523dc6ce94e687ba97de983577b4e76cd0324a4b893d12b15f | Triage

Sharing

General

Target

5cf907c0ffa72b523dc6ce94e687ba97de983577b4e76cd0324a4b893d12b15fN.exe
Size

89KB
Sample

250116-thhq6synem
MD5

4da82766ce647732f535219d482aacd0
SHA1

9bbcbcc011b588d0bced8cfea65780b35d347389
SHA256

5cf907c0ffa72b523dc6ce94e687ba97de983577b4e76cd0324a4b893d12b15f
SHA512

ac57bb6455f9ea1f5f68bb8981591c7b87a82d5fd34f90cf84a92694a4c2532d305407f30b6e3f8150b1db466e6c81540f2d232263251e7210af7b306c023afd
SSDEEP

768:4MEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA1:4bIvYvZEyFKF6N4yS+AQmZTl/5d

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  5cf907c0ffa72b523dc6ce94e687ba97de983577b4e76cd0324a4b893d12b15fN.exe
- Size
  
  89KB
- MD5
  
  4da82766ce647732f535219d482aacd0
- SHA1
  
  9bbcbcc011b588d0bced8cfea65780b35d347389
- SHA256
  
  5cf907c0ffa72b523dc6ce94e687ba97de983577b4e76cd0324a4b893d12b15f
- SHA512
  
  ac57bb6455f9ea1f5f68bb8981591c7b87a82d5fd34f90cf84a92694a4c2532d305407f30b6e3f8150b1db466e6c81540f2d232263251e7210af7b306c023afd
- SSDEEP
  
  768:4MEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uA1:4bIvYvZEyFKF6N4yS+AQmZTl/5d
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan