neconyd | 07ee6d797fcb3ea339d26ea2a429ccd810a26c627d564b3d6e6743dea230ea54 | Triage

Sharing

General

Target

07ee6d797fcb3ea339d26ea2a429ccd810a26c627d564b3d6e6743dea230ea54
Size

65KB
Sample

250119-yee84atkdm
MD5

411cf69a0de4b66bf6aa9c605f7d8cf4
SHA1

e79c594d7ac424a9f5a6907ecf1ebe9b9fdff824
SHA256

07ee6d797fcb3ea339d26ea2a429ccd810a26c627d564b3d6e6743dea230ea54
SHA512

246d990120c444d47652144bc4bc14dac27b68c3a0bb1c4d6bf61ca6ebbb5ed00f02d7e628c950c2aa384525267af4845c11b27b88c3356aa08f5b4f63da60dd
SSDEEP

1536:7d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZ/Hz:LdseIO+EZEyFjEOFqTiQmRHz

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  07ee6d797fcb3ea339d26ea2a429ccd810a26c627d564b3d6e6743dea230ea54
- Size
  
  65KB
- MD5
  
  411cf69a0de4b66bf6aa9c605f7d8cf4
- SHA1
  
  e79c594d7ac424a9f5a6907ecf1ebe9b9fdff824
- SHA256
  
  07ee6d797fcb3ea339d26ea2a429ccd810a26c627d564b3d6e6743dea230ea54
- SHA512
  
  246d990120c444d47652144bc4bc14dac27b68c3a0bb1c4d6bf61ca6ebbb5ed00f02d7e628c950c2aa384525267af4845c11b27b88c3356aa08f5b4f63da60dd
- SSDEEP
  
  1536:7d9dseIOc+93bIvYvZEyF4EEOF6N4yS+AQmZ/Hz:LdseIO+EZEyFjEOFqTiQmRHz
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan