neconyd | 1a3b86c91a20832fc5bd3637d4b511a21e94898b9bb65c363b82340f722507d1 | Triage

Sharing

General

Target

1a3b86c91a20832fc5bd3637d4b511a21e94898b9bb65c363b82340f722507d1N.exe
Size

96KB
Sample

250120-2pqdlatjdk
MD5

d859eddc3229abfa0ad3979a10e73800
SHA1

57e3e460dbdb277bec56b892f27d24b01a308bee
SHA256

1a3b86c91a20832fc5bd3637d4b511a21e94898b9bb65c363b82340f722507d1
SHA512

0795e2fe740b2e80da864518db47ab0e884380e6357e5c7b78f7054ace55f3f7f463faa03e9f112670f41fa79e8343bd0b0b9dbe36f20e94cb0c2aaa7aa67a02
SSDEEP

1536:qnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:qGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  1a3b86c91a20832fc5bd3637d4b511a21e94898b9bb65c363b82340f722507d1N.exe
- Size
  
  96KB
- MD5
  
  d859eddc3229abfa0ad3979a10e73800
- SHA1
  
  57e3e460dbdb277bec56b892f27d24b01a308bee
- SHA256
  
  1a3b86c91a20832fc5bd3637d4b511a21e94898b9bb65c363b82340f722507d1
- SHA512
  
  0795e2fe740b2e80da864518db47ab0e884380e6357e5c7b78f7054ace55f3f7f463faa03e9f112670f41fa79e8343bd0b0b9dbe36f20e94cb0c2aaa7aa67a02
- SSDEEP
  
  1536:qnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:qGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan