neconyd | 928415cfac48941706e12d22195bad42667ceab991cda5f6a2ee92c660efe39b | Triage

Sharing

General

Target

928415cfac48941706e12d22195bad42667ceab991cda5f6a2ee92c660efe39b
Size

96KB
Sample

250124-faw2yaznhw
MD5

a7dad23f9097171380f21aa842e154fe
SHA1

4a1a0d72bde7e5b941692eedc6098be1742e21f2
SHA256

928415cfac48941706e12d22195bad42667ceab991cda5f6a2ee92c660efe39b
SHA512

8793115a37509c12a361f0d0c1a361db7574d5df63d1f085d2ba9430f4b3ed70ad1a9f77fb26cb7ea96be8bdb8bfef2529c4d1dab3b47a1d0fdd22076fbfd7cf
SSDEEP

1536:DnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:DGs8cd8eXlYairZYqMddH13L

Score

10^/10

neconyd discovery trojan

Malware Config

Extracted

Family

neconyd

C2

http://ow5dirasuek.com/

http://mkkuei4kdsz.com/

http://lousta.net/

Targets

- Target
  
  928415cfac48941706e12d22195bad42667ceab991cda5f6a2ee92c660efe39b
- Size
  
  96KB
- MD5
  
  a7dad23f9097171380f21aa842e154fe
- SHA1
  
  4a1a0d72bde7e5b941692eedc6098be1742e21f2
- SHA256
  
  928415cfac48941706e12d22195bad42667ceab991cda5f6a2ee92c660efe39b
- SHA512
  
  8793115a37509c12a361f0d0c1a361db7574d5df63d1f085d2ba9430f4b3ed70ad1a9f77fb26cb7ea96be8bdb8bfef2529c4d1dab3b47a1d0fdd22076fbfd7cf
- SSDEEP
  
  1536:DnAHcBbLmdvduLd8IDiaP/8A68YaiIv2RwEYqlwi+BzdAeV9b5ADbyxxL:DGs8cd8eXlYairZYqMddH13L
Score

10^/10

neconyd discovery trojan
- Neconyd
  Neconyd is a trojan written in C++.
  trojan neconyd
- Neconyd family
  neconyd
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

neconyddiscoverytrojan

behavioral2

neconyddiscoverytrojan