neconyd | aef46e2f956e6ec7cd0b6d322e6d99895b00ef7fc9ec2c88ad51f84164a68755 | Triage

Sharing

General

Target

aef46e2f956e6ec7cd0b6d322e6d99895b00ef7fc9ec2c88ad51f84164a68755N.exe
Size

80KB
Sample

250124-b4qpssvnck
MD5

3ffb0284778f950150c4e19aeadaffe0
SHA1

43d55831703b9d8db52ef3776705e0cc5bb7cc35
SHA256

aef46e2f956e6ec7cd0b6d322e6d99895b00ef7fc9ec2c88ad51f84164a68755
SHA512

2c7ea411a9712521bf38848d359d92bf5a86824e3ad0f6f1fa2b486075f5972447c468a4542c8a15a9bbd4fcf27c1e0ecda9edf505291e92e9dde00873d39224
SSDEEP

1536:wd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzB:wdseIOMEZEyFjEOFqTiQmOl/5xPvwN

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  aef46e2f956e6ec7cd0b6d322e6d99895b00ef7fc9ec2c88ad51f84164a68755N.exe
- Size
  
  80KB
- MD5
  
  3ffb0284778f950150c4e19aeadaffe0
- SHA1
  
  43d55831703b9d8db52ef3776705e0cc5bb7cc35
- SHA256
  
  aef46e2f956e6ec7cd0b6d322e6d99895b00ef7fc9ec2c88ad51f84164a68755
- SHA512
  
  2c7ea411a9712521bf38848d359d92bf5a86824e3ad0f6f1fa2b486075f5972447c468a4542c8a15a9bbd4fcf27c1e0ecda9edf505291e92e9dde00873d39224
- SSDEEP
  
  1536:wd9dseIOcE93bIvYvZEyF4EEOF6N4yS+AQmZcl/52izbR9XwzB:wdseIOMEZEyFjEOFqTiQmOl/5xPvwN
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan