neconyd | b69e0728656cd595854cabed4cb4298356423c2d4f61788da7e0d62aa7176748 | Triage

Sharing

General

Target

b69e0728656cd595854cabed4cb4298356423c2d4f61788da7e0d62aa7176748
Size

134KB
Sample

250118-ksk5lszjdm
MD5

931ecac4934cf5a1df86431eb9d2fa52
SHA1

8aae04793f6d310e3f7187fc82428953767a19b1
SHA256

b69e0728656cd595854cabed4cb4298356423c2d4f61788da7e0d62aa7176748
SHA512

ee02a0015b832b1de9e073122a240c36be2ea3c5ca18815a317e804d26c0eea25a60ec6599434a95614ccb9f913f772ff44932d251f471e3dcb87c154a37bd66
SSDEEP

1536:CDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:0iRTeH0iqAW6J6f1tqF6dngNmaZCia

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  b69e0728656cd595854cabed4cb4298356423c2d4f61788da7e0d62aa7176748
- Size
  
  134KB
- MD5
  
  931ecac4934cf5a1df86431eb9d2fa52
- SHA1
  
  8aae04793f6d310e3f7187fc82428953767a19b1
- SHA256
  
  b69e0728656cd595854cabed4cb4298356423c2d4f61788da7e0d62aa7176748
- SHA512
  
  ee02a0015b832b1de9e073122a240c36be2ea3c5ca18815a317e804d26c0eea25a60ec6599434a95614ccb9f913f772ff44932d251f471e3dcb87c154a37bd66
- SSDEEP
  
  1536:CDfDbhERTatPLTH0iqNZg3mqKv6y0RrwFd1tSEsF27da6ZW72Foj/MqMabadwCia:0iRTeH0iqAW6J6f1tqF6dngNmaZCia
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan