neconyd | 42a2c7119345fb0f08927d41a1ad35a8a7fe4c8f31c599877f857ba7937a4c2f | Triage

Sharing

General

Target

42a2c7119345fb0f08927d41a1ad35a8a7fe4c8f31c599877f857ba7937a4c2fN.exe
Size

72KB
Sample

250123-bref1awmfn
MD5

462c26d322751a036b3fca6c67ec4100
SHA1

77406805b377828f901652d298c88824684320b0
SHA256

42a2c7119345fb0f08927d41a1ad35a8a7fe4c8f31c599877f857ba7937a4c2f
SHA512

ef1e73d9808489dfc011a40d36e2de3b4642abe4000a60b552cc5cb9068982626ec2a81a720f1f4b166fa45c8c53eb2f4e4f967931340eaf93cd78e19d0b8cbd
SSDEEP

1536:hd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5211H:RdseIOMEZEyFjEOFqTiQm5l/5211H

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  42a2c7119345fb0f08927d41a1ad35a8a7fe4c8f31c599877f857ba7937a4c2fN.exe
- Size
  
  72KB
- MD5
  
  462c26d322751a036b3fca6c67ec4100
- SHA1
  
  77406805b377828f901652d298c88824684320b0
- SHA256
  
  42a2c7119345fb0f08927d41a1ad35a8a7fe4c8f31c599877f857ba7937a4c2f
- SHA512
  
  ef1e73d9808489dfc011a40d36e2de3b4642abe4000a60b552cc5cb9068982626ec2a81a720f1f4b166fa45c8c53eb2f4e4f967931340eaf93cd78e19d0b8cbd
- SSDEEP
  
  1536:hd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZTl/5211H:RdseIOMEZEyFjEOFqTiQm5l/5211H
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan