neconyd | 5c3f04b162538d05c368c5c4f3123e4a914c64200b5fdb91e524ce5f977ae490 | Triage

Sharing

General

Target

5c3f04b162538d05c368c5c4f3123e4a914c64200b5fdb91e524ce5f977ae490N.exe
Size

80KB
Sample

250117-dq1zqa1ldr
MD5

431e044ebf05b222a2a8135ddc28cb70
SHA1

9aadb3aeae060ffc8f6bd055a4a06413a135eb4c
SHA256

5c3f04b162538d05c368c5c4f3123e4a914c64200b5fdb91e524ce5f977ae490
SHA512

39958eaef07cad655fa0858af0abe45c1a6551aeae8ffda7e3879b40f9c324b1ec329227a6e810f069e83f98174f06f6ce89960ddb69c888fd70ec8605429ba4
SSDEEP

1536:Od9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzB:WdseIOMEZEyFjEOFqTiQmOl/5xPvwN

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  5c3f04b162538d05c368c5c4f3123e4a914c64200b5fdb91e524ce5f977ae490N.exe
- Size
  
  80KB
- MD5
  
  431e044ebf05b222a2a8135ddc28cb70
- SHA1
  
  9aadb3aeae060ffc8f6bd055a4a06413a135eb4c
- SHA256
  
  5c3f04b162538d05c368c5c4f3123e4a914c64200b5fdb91e524ce5f977ae490
- SHA512
  
  39958eaef07cad655fa0858af0abe45c1a6551aeae8ffda7e3879b40f9c324b1ec329227a6e810f069e83f98174f06f6ce89960ddb69c888fd70ec8605429ba4
- SSDEEP
  
  1536:Od9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzB:WdseIOMEZEyFjEOFqTiQmOl/5xPvwN
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan