neconyd | c35fdcce61d0b56b993c3e8bb495ea0c8f51f43ab39f30bfd7f629eaf3a2d590 | Triage

Sharing

General

Target

c35fdcce61d0b56b993c3e8bb495ea0c8f51f43ab39f30bfd7f629eaf3a2d590.exe
Size

80KB
Sample

250120-kh6nka1jgy
MD5

6b1d0da3d634c4d601247ec73c3a1046
SHA1

592151cc1d7029baf7a15ec4545e893142176130
SHA256

c35fdcce61d0b56b993c3e8bb495ea0c8f51f43ab39f30bfd7f629eaf3a2d590
SHA512

915ab92bd344117e9eb74b8ec78cce6ec7c9a05e0341d8acedf12eb2bcd75865c3fa5aa4a27355845d5afd3a5dea298ce4e24732ef0ec673f5047328a440e695
SSDEEP

1536:ld9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzh:NdseIOMEZEyFjEOFqTiQmOl/5xPvwt

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c35fdcce61d0b56b993c3e8bb495ea0c8f51f43ab39f30bfd7f629eaf3a2d590.exe
- Size
  
  80KB
- MD5
  
  6b1d0da3d634c4d601247ec73c3a1046
- SHA1
  
  592151cc1d7029baf7a15ec4545e893142176130
- SHA256
  
  c35fdcce61d0b56b993c3e8bb495ea0c8f51f43ab39f30bfd7f629eaf3a2d590
- SHA512
  
  915ab92bd344117e9eb74b8ec78cce6ec7c9a05e0341d8acedf12eb2bcd75865c3fa5aa4a27355845d5afd3a5dea298ce4e24732ef0ec673f5047328a440e695
- SSDEEP
  
  1536:ld9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9Xwzh:NdseIOMEZEyFjEOFqTiQmOl/5xPvwt
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan