neconyd | c391e11cbfc87e81cca19d260339ea7aab4fcbd65627049655a80ca58e75bc19 | Triage

Sharing

General

Target

c391e11cbfc87e81cca19d260339ea7aab4fcbd65627049655a80ca58e75bc19N.exe
Size

96KB
Sample

250120-sk8jyavqdy
MD5

727d467bdd8b079da7d3d114a32f64a0
SHA1

a7fcc4f0b24e119b9b22817a3ed7ba8d9ec03435
SHA256

c391e11cbfc87e81cca19d260339ea7aab4fcbd65627049655a80ca58e75bc19
SHA512

5b2e2a8e613da625a32efd01a5e4c4b7ae014c30bcb4601d84b2d57bfa84dc04c8af08cb6129a5b94876287e242ed178d03619529c35e46b125c6ae9138548ec
SSDEEP

1536:tnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:tGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  c391e11cbfc87e81cca19d260339ea7aab4fcbd65627049655a80ca58e75bc19N.exe
- Size
  
  96KB
- MD5
  
  727d467bdd8b079da7d3d114a32f64a0
- SHA1
  
  a7fcc4f0b24e119b9b22817a3ed7ba8d9ec03435
- SHA256
  
  c391e11cbfc87e81cca19d260339ea7aab4fcbd65627049655a80ca58e75bc19
- SHA512
  
  5b2e2a8e613da625a32efd01a5e4c4b7ae014c30bcb4601d84b2d57bfa84dc04c8af08cb6129a5b94876287e242ed178d03619529c35e46b125c6ae9138548ec
- SSDEEP
  
  1536:tnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:tGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan