neconyd | 0a62e2fbb1d9c3fcdb07af63912c3915fd2742b011b9a4d23e53fff561342639 | Triage

Sharing

General

Target

0a62e2fbb1d9c3fcdb07af63912c3915fd2742b011b9a4d23e53fff561342639N.exe
Size

80KB
Sample

250122-qrdxssykcw
MD5

be9b73a0ecea7c7c16e179b5f7abba60
SHA1

3e76d0ec8ff03bfcba85733b1a8c32834bf5a7c0
SHA256

0a62e2fbb1d9c3fcdb07af63912c3915fd2742b011b9a4d23e53fff561342639
SHA512

938d9f6542d590e391972a4488589c05e0b5f8916225015d2f857610fdfc94854960b4e5dcd19208781226190d83ae19e7dded4ad5055c47b1c1ec5b22457dde
SSDEEP

768:sfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAK:sfbIvYvZEyFKF6N4yS+AQmZTl/5S

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  0a62e2fbb1d9c3fcdb07af63912c3915fd2742b011b9a4d23e53fff561342639N.exe
- Size
  
  80KB
- MD5
  
  be9b73a0ecea7c7c16e179b5f7abba60
- SHA1
  
  3e76d0ec8ff03bfcba85733b1a8c32834bf5a7c0
- SHA256
  
  0a62e2fbb1d9c3fcdb07af63912c3915fd2742b011b9a4d23e53fff561342639
- SHA512
  
  938d9f6542d590e391972a4488589c05e0b5f8916225015d2f857610fdfc94854960b4e5dcd19208781226190d83ae19e7dded4ad5055c47b1c1ec5b22457dde
- SSDEEP
  
  768:sfMEIvFGvZEr8LFK0ic46N47eSdYAHwmZGp6JXXlaa5uAK:sfbIvYvZEyFKF6N4yS+AQmZTl/5S
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan