neconyd | 000f38e22772063ed680321ab8a9e7038e26b19bc0384c2b82c25abf9133c4c9 | Triage

Sharing

General

Target

000f38e22772063ed680321ab8a9e7038e26b19bc0384c2b82c25abf9133c4c9.exe
Size

80KB
Sample

250122-cw9y5stnhm
MD5

0f2102dfd101497bf1c1427f0add67b4
SHA1

c75a668a75d7f06772c4e2698b8e4b4e2b270af5
SHA256

000f38e22772063ed680321ab8a9e7038e26b19bc0384c2b82c25abf9133c4c9
SHA512

aeb902bf9c67e5f76a5202a1b7d799fa67615e5031a5721f15a0fcabd9494f775282cf14ecd0be06d507654197bf5c00ef0680dc6f6a78830bb1e9ae98b5cd0a
SSDEEP

1536:ud9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzL:2dseIOMEZEyFjEOFqTiQmOl/5xPvwP

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  000f38e22772063ed680321ab8a9e7038e26b19bc0384c2b82c25abf9133c4c9.exe
- Size
  
  80KB
- MD5
  
  0f2102dfd101497bf1c1427f0add67b4
- SHA1
  
  c75a668a75d7f06772c4e2698b8e4b4e2b270af5
- SHA256
  
  000f38e22772063ed680321ab8a9e7038e26b19bc0384c2b82c25abf9133c4c9
- SHA512
  
  aeb902bf9c67e5f76a5202a1b7d799fa67615e5031a5721f15a0fcabd9494f775282cf14ecd0be06d507654197bf5c00ef0680dc6f6a78830bb1e9ae98b5cd0a
- SSDEEP
  
  1536:ud9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzL:2dseIOMEZEyFjEOFqTiQmOl/5xPvwP
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan