neconyd | b067f350fcff00b18ccc9f6779e8ec49c2db062ac8cab36666f527fe2f3c8483 | Triage

Sharing

General

Target

b067f350fcff00b18ccc9f6779e8ec49c2db062ac8cab36666f527fe2f3c8483N.exe
Size

80KB
Sample

250117-nx1bwawkd1
MD5

ea52200dbd683bc5981df0295e11fa90
SHA1

61dfbd5f353534c5c7ad3b2824c1a12ce9098f9e
SHA256

b067f350fcff00b18ccc9f6779e8ec49c2db062ac8cab36666f527fe2f3c8483
SHA512

255555ae32d54ea6da40d6b53733984e7b1af65d1b20ce7dfd05746fbaa459ba57da43257f481e9c8727e3fc4094b4c641614a396e87a568ceb2d8ba7bebc4ef
SSDEEP

768:ifMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAO:ifbIvYvZEyFKF6N4yS+AQmZTl/5m

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  b067f350fcff00b18ccc9f6779e8ec49c2db062ac8cab36666f527fe2f3c8483N.exe
- Size
  
  80KB
- MD5
  
  ea52200dbd683bc5981df0295e11fa90
- SHA1
  
  61dfbd5f353534c5c7ad3b2824c1a12ce9098f9e
- SHA256
  
  b067f350fcff00b18ccc9f6779e8ec49c2db062ac8cab36666f527fe2f3c8483
- SHA512
  
  255555ae32d54ea6da40d6b53733984e7b1af65d1b20ce7dfd05746fbaa459ba57da43257f481e9c8727e3fc4094b4c641614a396e87a568ceb2d8ba7bebc4ef
- SSDEEP
  
  768:ifMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAO:ifbIvYvZEyFKF6N4yS+AQmZTl/5m
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan