neconyd | 52a2f3427764b71e5c9bb4ad8d06f2faa459fae8e5a7163cc0b03aeba40161e7 | Triage

Sharing

General

Target

52a2f3427764b71e5c9bb4ad8d06f2faa459fae8e5a7163cc0b03aeba40161e7.exe
Size

71KB
Sample

250117-fhlk6ssnbz
MD5

21cc6c38f55dc1d69047ff39215232c0
SHA1

94c2c34f29f4446f31cfcb34a173e099d12491a5
SHA256

52a2f3427764b71e5c9bb4ad8d06f2faa459fae8e5a7163cc0b03aeba40161e7
SHA512

5bb568df180a048c0b3030544db0bf98fc5724aa67552eba353d0adac9c1d4b35b131028dcb25497a06e1e0cc6e19cde5e6fdfaead0929a9d14964a2d1aa4b14
SSDEEP

1536:Hd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbHH:vdseIOMEZEyFjEOFqTiQmQDHIbHH

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  52a2f3427764b71e5c9bb4ad8d06f2faa459fae8e5a7163cc0b03aeba40161e7.exe
- Size
  
  71KB
- MD5
  
  21cc6c38f55dc1d69047ff39215232c0
- SHA1
  
  94c2c34f29f4446f31cfcb34a173e099d12491a5
- SHA256
  
  52a2f3427764b71e5c9bb4ad8d06f2faa459fae8e5a7163cc0b03aeba40161e7
- SHA512
  
  5bb568df180a048c0b3030544db0bf98fc5724aa67552eba353d0adac9c1d4b35b131028dcb25497a06e1e0cc6e19cde5e6fdfaead0929a9d14964a2d1aa4b14
- SSDEEP
  
  1536:Hd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbHH:vdseIOMEZEyFjEOFqTiQmQDHIbHH
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan