neconyd | 6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4 | Triage

Sharing

General

Target

6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4.exe
Size

96KB
Sample

250120-gw92csvqbk
MD5

8fc5f68cde19d34cf651fc419d9e231e
SHA1

ad35d560d15cb94f688f6caeceb72dce1870f059
SHA256

6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4
SHA512

86a8dc65e2f15ca424059ea67235a4b183fc7a3986b87495ebf114d7a665187032f7f226b72d2dee26fb4692b42c6a6bc213184c3717c18847ee71797a7f0aa5
SSDEEP

1536:LnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx6:LGs8cd8eXlYairZYqMddH136

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4.exe
- Size
  
  96KB
- MD5
  
  8fc5f68cde19d34cf651fc419d9e231e
- SHA1
  
  ad35d560d15cb94f688f6caeceb72dce1870f059
- SHA256
  
  6bc419bdef541e710b923044c31bbcb1b2ce2af98135333aefe0869d00d2e2e4
- SHA512
  
  86a8dc65e2f15ca424059ea67235a4b183fc7a3986b87495ebf114d7a665187032f7f226b72d2dee26fb4692b42c6a6bc213184c3717c18847ee71797a7f0aa5
- SSDEEP
  
  1536:LnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxx6:LGs8cd8eXlYairZYqMddH136
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan