neconyd | cd9cf703a85203174085df18bdebffb31c34f43430a529d0f1e8ecee1d667df7 | Triage

Sharing

General

Target

cd9cf703a85203174085df18bdebffb31c34f43430a529d0f1e8ecee1d667df7.exe
Size

71KB
Sample

250117-q82p7azqdw
MD5

104baa331a54a4cbb1a63f148fe1d027
SHA1

d878c66498e2714e53f81eab13537fc1d4e2bc3d
SHA256

cd9cf703a85203174085df18bdebffb31c34f43430a529d0f1e8ecee1d667df7
SHA512

29f0aa29ce067e854c1d9f0b4b29014f886a2dac8e4b5843f66e44a02fcdff256f638c956ca1e2e4ad939b0fe781c73c1899a2148b27e43987f4b8871b067a16
SSDEEP

1536:xd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbHv:BdseIOMEZEyFjEOFqTiQmQDHIbHv

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  cd9cf703a85203174085df18bdebffb31c34f43430a529d0f1e8ecee1d667df7.exe
- Size
  
  71KB
- MD5
  
  104baa331a54a4cbb1a63f148fe1d027
- SHA1
  
  d878c66498e2714e53f81eab13537fc1d4e2bc3d
- SHA256
  
  cd9cf703a85203174085df18bdebffb31c34f43430a529d0f1e8ecee1d667df7
- SHA512
  
  29f0aa29ce067e854c1d9f0b4b29014f886a2dac8e4b5843f66e44a02fcdff256f638c956ca1e2e4ad939b0fe781c73c1899a2148b27e43987f4b8871b067a16
- SSDEEP
  
  1536:xd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZSDHIbHv:BdseIOMEZEyFjEOFqTiQmQDHIbHv
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan