neconyd | 7aa802d8f6df7e6bf7786078518e348207d67ff90d6d231a7308e9362b2fdd5d | Triage

Sharing

General

Target

7aa802d8f6df7e6bf7786078518e348207d67ff90d6d231a7308e9362b2fdd5d
Size

80KB
Sample

250122-eahzmsxkhk
MD5

7f92312b3e3885e89af5a29c29a87131
SHA1

390526f25d1c74e41b0b0282587764e6d08fc42c
SHA256

7aa802d8f6df7e6bf7786078518e348207d67ff90d6d231a7308e9362b2fdd5d
SHA512

620bcc7e564df898a5f605d31bd71db1c13c3d07a1f4bf5fe3a1b440cdea1b5e6d5b823535f9a474cc801b2d63cfdcf2709a6893615f522f2d0c2033266f6ec7
SSDEEP

768:pfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAa:pfbIvYvZEyFKF6N4yS+AQmZTl/5C

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  7aa802d8f6df7e6bf7786078518e348207d67ff90d6d231a7308e9362b2fdd5d
- Size
  
  80KB
- MD5
  
  7f92312b3e3885e89af5a29c29a87131
- SHA1
  
  390526f25d1c74e41b0b0282587764e6d08fc42c
- SHA256
  
  7aa802d8f6df7e6bf7786078518e348207d67ff90d6d231a7308e9362b2fdd5d
- SHA512
  
  620bcc7e564df898a5f605d31bd71db1c13c3d07a1f4bf5fe3a1b440cdea1b5e6d5b823535f9a474cc801b2d63cfdcf2709a6893615f522f2d0c2033266f6ec7
- SSDEEP
  
  768:pfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAa:pfbIvYvZEyFKF6N4yS+AQmZTl/5C
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan