neconyd | a54e73624bac04faf4a2fe7f7aafcd0049da9858e072308385c49a49c918bdc9 | Triage

Sharing

General

Target

a54e73624bac04faf4a2fe7f7aafcd0049da9858e072308385c49a49c918bdc9.exe
Size

80KB
Sample

250116-zj9tyayqbq
MD5

2bd1b4ae19ffbf13ecb00389352934de
SHA1

f53b037e95446d7b52608b79ff5a7afa850c19ce
SHA256

a54e73624bac04faf4a2fe7f7aafcd0049da9858e072308385c49a49c918bdc9
SHA512

de9c6caa89d4928da0a8d5c323e488b64837a7356fe84c88a5278010b1fefe4587438f2d2def07cd5c311ec4b48c0668886fe4806222dad3e10f3af2876d8c04
SSDEEP

1536:Od9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzb:WdseIOMEZEyFjEOFqTiQmOl/5xPvw/

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  a54e73624bac04faf4a2fe7f7aafcd0049da9858e072308385c49a49c918bdc9.exe
- Size
  
  80KB
- MD5
  
  2bd1b4ae19ffbf13ecb00389352934de
- SHA1
  
  f53b037e95446d7b52608b79ff5a7afa850c19ce
- SHA256
  
  a54e73624bac04faf4a2fe7f7aafcd0049da9858e072308385c49a49c918bdc9
- SHA512
  
  de9c6caa89d4928da0a8d5c323e488b64837a7356fe84c88a5278010b1fefe4587438f2d2def07cd5c311ec4b48c0668886fe4806222dad3e10f3af2876d8c04
- SSDEEP
  
  1536:Od9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzb:WdseIOMEZEyFjEOFqTiQmOl/5xPvw/
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan