neconyd | 75728f28e53fa173d612a532eb870dd0583e5e363026de08322103501baf57da | Triage

Sharing

General

Target

75728f28e53fa173d612a532eb870dd0583e5e363026de08322103501baf57da.exe
Size

96KB
Sample

250121-1rdl5stjgj
MD5

52f894d5e05afd7a0c3e3f494103bd74
SHA1

39288ac93279ffffe529338f52a0662dfc3171c4
SHA256

75728f28e53fa173d612a532eb870dd0583e5e363026de08322103501baf57da
SHA512

60b4f1f80a3dc940383e6cc677a12b0e933993b4c307e366dab961e3050b0c6afc138d852a487c5d671adc9a43c955eea77e98e2efa9b57ad0f4f46bd08da479
SSDEEP

1536:HnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:HGs8cd8eXlYairZYqMddH13z

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  75728f28e53fa173d612a532eb870dd0583e5e363026de08322103501baf57da.exe
- Size
  
  96KB
- MD5
  
  52f894d5e05afd7a0c3e3f494103bd74
- SHA1
  
  39288ac93279ffffe529338f52a0662dfc3171c4
- SHA256
  
  75728f28e53fa173d612a532eb870dd0583e5e363026de08322103501baf57da
- SHA512
  
  60b4f1f80a3dc940383e6cc677a12b0e933993b4c307e366dab961e3050b0c6afc138d852a487c5d671adc9a43c955eea77e98e2efa9b57ad0f4f46bd08da479
- SSDEEP
  
  1536:HnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxz:HGs8cd8eXlYairZYqMddH13z
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan